VYPR

Microfinance Management System

by Sourcecodester

CVEs (4)

  • CVE-2022-27927Apr 19, 2022
    risk 0.07cvss epss 0.14

    A SQL injection vulnerability exists in Microfinance Management System 1.0 when MySQL is being used as the application database. An attacker can issue SQL commands to the MySQL database through the vulnerable course_code and/or customer_number parameter.

  • CVE-2022-1083Mar 29, 2022
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical has been found in Microfinance Management System. The manipulation of arguments like customer_type_number/account_number/account_status_number/account_type_number with the input ' and (select * from(select(sleep(10)))Avx) and 'abc' = 'abc…

  • CVE-2022-1082Mar 29, 2022
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Microfinance Management System 1.0. It has been rated as critical. This issue affects the file /mims/login.php of the Login Page. The manipulation of the argument username/password with the input '||1=1# leads to sql injection. The…

  • CVE-2022-1081Mar 29, 2022
    risk 0.00cvss epss 0.01

    A vulnerability was found in SourceCodester Microfinance Management System 1.0. It has been declared as problematic. This vulnerability affects the file /mims/app/addcustomerHandler.php. The manipulation of the argument first_name, middle_name, and surname leads to cross site…