Sales & Company Management System Project

Sales & Company Management System

4 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2018-19923

Exploit
  • EPSS 0.14%
  • Veröffentlicht 06.12.2018 23:29:01
  • Zuletzt bearbeitet 21.11.2024 03:58:49

An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. There is member/member_email.php?action=edit CSRF.

6.1

CVE-2018-19924

Exploit
  • EPSS 0.24%
  • Veröffentlicht 06.12.2018 23:29:01
  • Zuletzt bearbeitet 21.11.2024 03:58:49

An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. An email address can be modified in between the request for a validation code and the entry of the validation code, leading to storage of an XSS payload contained...

9.8

CVE-2018-19925

Exploit
  • EPSS 0.26%
  • Veröffentlicht 06.12.2018 23:29:01
  • Zuletzt bearbeitet 21.11.2024 03:58:49

An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. It has SQL injection via the member/member_order.php type parameter, related to the O_state parameter.

7.5

CVE-2018-19654

Exploit
  • EPSS 0.24%
  • Veröffentlicht 29.11.2018 05:29:00
  • Zuletzt bearbeitet 21.11.2024 03:58:21

An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. There is a discrepancy in username checking between a component that does string validation, and a component that is supposed to query a MySQL database. Thus, it ...