Projectworlds: >> Asset Management System Security Vulnerabilities
Asset Management System v1.0 is vulnerable to
an Authenticated SQL Injection vulnerability
on the 'first_name' and 'last_name' parameters
of user.php page, allowing an authenticated
attacker to dump all the contents of the database
contents.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-09-28
Asset Management System v1.0 is vulnerable to an
unauthenticated SQL Injection vulnerability on the
'email' parameter of index.php page, allowing an
external attacker to dump all the contents of the
database contents and bypass the login control.
CVSS Score
9.8
EPSS Score
0.0
Published
2023-09-28