Stock Management System
CVEs (14)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-24197 | Cri | 0.64 | 9.8 | 0.01 | Sep 9, 2020 | A SQL injection vulnerability in the login component in Stock Management System v1.0 allows remote attacker to execute arbitrary SQL commands via the username parameter. | ||
| CVE-2024-5774 | Hig | 0.48 | 7.3 | 0.01 | Jun 9, 2024 | A vulnerability has been found in SourceCodester Stock Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file index.php of the component Login. The manipulation of the argument username/password leads to sql… | ||
| CVE-2025-4935 | Hig | 0.47 | 7.3 | 0.00 | May 19, 2025 | A vulnerability was found in SourceCodester Stock Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /php_action/changePassword.php. The manipulation of the argument user_id leads to sql injection. The attack may be initiated… | ||
| CVE-2025-4283 | Hig | 0.47 | 7.3 | 0.00 | May 5, 2025 | A vulnerability was found in SourceCodester/oretnom23 Stock Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /classes/Login.php?f=login. The manipulation of the argument Username leads to sql injection. The attack may be… | ||
| CVE-2020-23830 | Hig | 0.46 | 7.1 | 0.01 | Sep 2, 2020 | A Cross-Site Request Forgery (CSRF) vulnerability in changeUsername.php in SourceCodester Stock Management System v1.0 allows remote attackers to deny future logins by changing an authenticated victim's username when they visit a third-party site. | ||
| CVE-2020-23831 | Med | 0.42 | 6.4 | 0.01 | Sep 1, 2020 | A Reflected Cross-Site Scripting (XSS) vulnerability in the index.php login-portal webpage of SourceCodester Stock Management System v1.0 allows remote attackers to harvest login credentials and session cookies when an unauthenticated victim clicks on a malicious URL and enters… | ||
| CVE-2025-4806 | Med | 0.41 | 6.3 | 0.00 | May 16, 2025 | A vulnerability, which was classified as critical, has been found in SourceCodester/oretnom23 Stock Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/?page=back_order/view_bo. The manipulation of the argument ID leads to sql… | ||
| CVE-2025-4787 | Med | 0.41 | 6.3 | 0.00 | May 16, 2025 | A vulnerability classified as critical has been found in SourceCodester/oretnom23 Stock Management System 1.0. Affected is an unknown function of the file /admin/?page=sales/view_sale. The manipulation of the argument ID leads to sql injection. It is possible to launch the… | ||
| CVE-2025-4786 | Med | 0.41 | 6.3 | 0.00 | May 16, 2025 | A vulnerability was found in SourceCodester/oretnom23 Stock Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/?page=return/view_return. The manipulation of the argument ID leads to sql injection. The attack may be… | ||
| CVE-2025-4782 | Med | 0.41 | 6.3 | 0.00 | May 16, 2025 | A vulnerability has been found in SourceCodester/oretnom23 Stock Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /sms/admin/?page=receiving/view_receiving&id=1. The manipulation of the argument ID leads to sql injection. The… | ||
| CVE-2024-5515 | Med | 0.41 | 6.3 | 0.01 | May 30, 2024 | A vulnerability was found in SourceCodester Stock Management System 1.0. It has been classified as critical. Affected is an unknown function of the file createBrand.php. The manipulation of the argument brandName leads to sql injection. It is possible to launch the attack… | ||
| CVE-2020-24198 | Med | 0.40 | 6.1 | 0.01 | Sep 9, 2020 | A persistent cross-site scripting vulnerability in Sourcecodester Stock Management System v1.0 allows remote attackers to inject arbitrary web script or HTML via the 'Brand Name.' | ||
| CVE-2021-44114 | Med | 0.31 | 4.8 | 0.01 | Jan 31, 2022 | Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Stock Management System in PHP/OOP 1.0, which allows remote malicious users to execute arbitrary remote code execution via create user function. | ||
| CVE-2025-4282 | Med | 0.28 | 4.3 | 0.00 | May 5, 2025 | A vulnerability has been found in SourceCodester/oretnom23 Stock Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /classes/Users.php?f=save. The manipulation leads to cross-site request forgery. The attack can be initiated… |
- risk 0.64cvss 9.8epss 0.01
A SQL injection vulnerability in the login component in Stock Management System v1.0 allows remote attacker to execute arbitrary SQL commands via the username parameter.
- risk 0.48cvss 7.3epss 0.01
A vulnerability has been found in SourceCodester Stock Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file index.php of the component Login. The manipulation of the argument username/password leads to sql…
- risk 0.47cvss 7.3epss 0.00
A vulnerability was found in SourceCodester Stock Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /php_action/changePassword.php. The manipulation of the argument user_id leads to sql injection. The attack may be initiated…
- risk 0.47cvss 7.3epss 0.00
A vulnerability was found in SourceCodester/oretnom23 Stock Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /classes/Login.php?f=login. The manipulation of the argument Username leads to sql injection. The attack may be…
- risk 0.46cvss 7.1epss 0.01
A Cross-Site Request Forgery (CSRF) vulnerability in changeUsername.php in SourceCodester Stock Management System v1.0 allows remote attackers to deny future logins by changing an authenticated victim's username when they visit a third-party site.
- risk 0.42cvss 6.4epss 0.01
A Reflected Cross-Site Scripting (XSS) vulnerability in the index.php login-portal webpage of SourceCodester Stock Management System v1.0 allows remote attackers to harvest login credentials and session cookies when an unauthenticated victim clicks on a malicious URL and enters…
- risk 0.41cvss 6.3epss 0.00
A vulnerability, which was classified as critical, has been found in SourceCodester/oretnom23 Stock Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/?page=back_order/view_bo. The manipulation of the argument ID leads to sql…
- risk 0.41cvss 6.3epss 0.00
A vulnerability classified as critical has been found in SourceCodester/oretnom23 Stock Management System 1.0. Affected is an unknown function of the file /admin/?page=sales/view_sale. The manipulation of the argument ID leads to sql injection. It is possible to launch the…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was found in SourceCodester/oretnom23 Stock Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/?page=return/view_return. The manipulation of the argument ID leads to sql injection. The attack may be…
- risk 0.41cvss 6.3epss 0.00
A vulnerability has been found in SourceCodester/oretnom23 Stock Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /sms/admin/?page=receiving/view_receiving&id=1. The manipulation of the argument ID leads to sql injection. The…
- risk 0.41cvss 6.3epss 0.01
A vulnerability was found in SourceCodester Stock Management System 1.0. It has been classified as critical. Affected is an unknown function of the file createBrand.php. The manipulation of the argument brandName leads to sql injection. It is possible to launch the attack…
- risk 0.40cvss 6.1epss 0.01
A persistent cross-site scripting vulnerability in Sourcecodester Stock Management System v1.0 allows remote attackers to inject arbitrary web script or HTML via the 'Brand Name.'
- risk 0.31cvss 4.8epss 0.01
Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Stock Management System in PHP/OOP 1.0, which allows remote malicious users to execute arbitrary remote code execution via create user function.
- risk 0.28cvss 4.3epss 0.00
A vulnerability has been found in SourceCodester/oretnom23 Stock Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /classes/Users.php?f=save. The manipulation leads to cross-site request forgery. The attack can be initiated…