Stock Management System Project

Stock Management System

10 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2024-36779

Exploit
  • EPSS 0.1%
  • Veröffentlicht 06.06.2024 13:15:31
  • Zuletzt bearbeitet 21.11.2024 09:22:37

Sourcecodester Stock Management System v1.0 is vulnerable to SQL Injection via editCategories.php.

9.8

CVE-2023-51951

Exploit
  • EPSS 3.5%
  • Veröffentlicht 05.02.2024 21:15:11
  • Zuletzt bearbeitet 06.02.2026 15:15:50

SQL Injection vulnerability in Stock Management System 1.0 allows a remote attacker to execute arbitrary code via the id parameter in the manage_bo.php file.

8.8

CVE-2022-4090

Exploit
  • EPSS 0.1%
  • Veröffentlicht 24.11.2022 13:15:10
  • Zuletzt bearbeitet 21.11.2024 07:34:33

A vulnerability was found in rickxy Stock Management System and classified as problematic. This issue affects some unknown processing of the file us_transac.php?action=add. The manipulation leads to cross-site request forgery. The attack may be initi...

9.8

CVE-2022-4088

Exploit
  • EPSS 0.28%
  • Veröffentlicht 24.11.2022 10:15:11
  • Zuletzt bearbeitet 21.11.2024 07:34:33

A vulnerability was found in rickxy Stock Management System and classified as critical. Affected by this issue is some unknown functionality of the file /pages/processlogin.php. The manipulation of the argument user/password leads to sql injection. T...

5.4

CVE-2022-4089

Exploit
  • EPSS 0.31%
  • Veröffentlicht 24.11.2022 10:15:11
  • Zuletzt bearbeitet 21.11.2024 07:34:33

A vulnerability was found in rickxy Stock Management System. It has been declared as problematic. This vulnerability affects unknown code of the file /pages/processlogin.php. The manipulation of the argument user leads to cross site scripting. The at...

4.8

CVE-2021-44114

  • EPSS 0.32%
  • Veröffentlicht 31.01.2022 18:15:07
  • Zuletzt bearbeitet 21.11.2024 06:30:23

Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Stock Management System in PHP/OOP 1.0, which allows remote malicious users to execute arbitrary remote code execution via create user function.

6.1

CVE-2020-24198

Exploit
  • EPSS 0.4%
  • Veröffentlicht 09.09.2020 15:15:10
  • Zuletzt bearbeitet 21.11.2024 05:14:29

A persistent cross-site scripting vulnerability in Sourcecodester Stock Management System v1.0 allows remote attackers to inject arbitrary web script or HTML via the 'Brand Name.'

9.8

CVE-2020-24197

Exploit
  • EPSS 0.51%
  • Veröffentlicht 09.09.2020 14:15:12
  • Zuletzt bearbeitet 21.11.2024 05:14:29

A SQL injection vulnerability in the login component in Stock Management System v1.0 allows remote attacker to execute arbitrary SQL commands via the username parameter.

7.1

CVE-2020-23830

Exploit
  • EPSS 0.22%
  • Veröffentlicht 02.09.2020 17:15:11
  • Zuletzt bearbeitet 21.11.2024 05:14:06

A Cross-Site Request Forgery (CSRF) vulnerability in changeUsername.php in SourceCodester Stock Management System v1.0 allows remote attackers to deny future logins by changing an authenticated victim's username when they visit a third-party site.

6.1

CVE-2020-23831

Exploit
  • EPSS 0.49%
  • Veröffentlicht 01.09.2020 17:15:12
  • Zuletzt bearbeitet 21.11.2024 05:14:06

A Reflected Cross-Site Scripting (XSS) vulnerability in the index.php login-portal webpage of SourceCodester Stock Management System v1.0 allows remote attackers to harvest login credentials and session cookies when an unauthenticated victim clicks o...