Search Results | AttackerKB

34 Total Results

Displaying 21-30 of 34

Attacker Value

Unknown

CVE-2022-36692

Disclosure Date: August 25, 2022 (last updated February 24, 2025)

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_category.

Attacker Value

Unknown

CVE-2022-36703

Disclosure Date: August 25, 2022 (last updated February 24, 2025)

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /stocks/manage_stockin.php.

Attack Vector: Network Privileges: Low User Interaction: None

Attacker Value

Unknown

CVE-2022-36701

Disclosure Date: August 25, 2022 (last updated February 24, 2025)

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /items/view_item.php.

Attack Vector: Network Privileges: Low User Interaction: None

Attacker Value

Unknown

CVE-2022-36700

Disclosure Date: August 25, 2022 (last updated February 24, 2025)

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /items/manage_item.php.

Attack Vector: Network Privileges: Low User Interaction: None

Attacker Value

Unknown

CVE-2022-36699

Disclosure Date: August 25, 2022 (last updated February 24, 2025)

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /categories/manage_category.php.

Attack Vector: Network Privileges: Low User Interaction: None

Attacker Value

Unknown

CVE-2022-36698

Disclosure Date: August 25, 2022 (last updated February 24, 2025)

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /categories/view_category.php.

Attack Vector: Network Privileges: Low User Interaction: None

Attacker Value

Unknown

CVE-2022-32311

Disclosure Date: July 05, 2022 (last updated February 24, 2025)

Ingredient Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /isms/admin/stocks/view_stock.php.

Attack Vector: Network Privileges: None User Interaction: None

Attacker Value

Unknown

CVE-2022-32310

Disclosure Date: July 05, 2022 (last updated February 24, 2025)

An access control issue in Ingredient Stock Management System v1.0 allows attackers to take over user accounts via a crafted POST request to /isms/classes/Users.php.

Attack Vector: Network Privileges: None User Interaction: None

Attacker Value

Unknown

CVE-2021-44114

Disclosure Date: January 31, 2022 (last updated February 23, 2025)

Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Stock Management System in PHP/OOP 1.0, which allows remote malicious users to execute arbitrary remote code execution via create user function.

Attack Vector: Network Privileges: High User Interaction: Required

Attacker Value

Unknown

CVE-2020-24198

Disclosure Date: September 09, 2020 (last updated February 22, 2025)

A persistent cross-site scripting vulnerability in Sourcecodester Stock Management System v1.0 allows remote attackers to inject arbitrary web script or HTML via the 'Brand Name.'

Attack Vector: Network Privileges: None User Interaction: Required

34 Total Results

Displaying 21-30 of 34

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Quick Cookie Notification