Show filters
35 Total Results
Displaying 31-35 of 35
Sort by:
Attacker Value
Unknown

CVE-2022-30407

Disclosure Date: May 13, 2022 (last updated February 23, 2025)
Pharmacy Sales And Inventory System v1.0 is vulnerable to SQL Injection via /pharmacy-sales-and-inventory-system/manage_user.php?id=.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-44321

Disclosure Date: March 04, 2022 (last updated February 23, 2025)
Mini-Inventory-and-Sales-Management-System is affected by Cross Site Request Forgery (CSRF), where an attacker can update/delete items in the inventory. The attacker must be logged into the application create a malicious file for updating the inventory details and items.
Attack Vector: LocalPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2021-25202

Disclosure Date: July 22, 2021 (last updated February 23, 2025)
SQL injection vulnerability in SourceCodester Sales and Inventory System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to \ahira\admin\inventory.php.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-29387

Disclosure Date: April 28, 2021 (last updated February 22, 2025)
Multiple stored cross-site scripting (XSS) vulnerabilities in Sourcecodester Equipment Inventory System 1.0 allow remote attackers to inject arbitrary javascript via any "Add" sections, such as Add Item , Employee and Position or others in the Name Parameters.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2018-18804

Disclosure Date: November 16, 2018 (last updated November 27, 2024)
Bakeshop Inventory System 1.0 has SQL injection via the login screen, related to include/publicfunction.vb.
0
0
View More Topics  < Previous