Ingredient Stock Management System Project: >> Ingredient Stock Management System Security Vulnerabilities
Ingredients Stock Management System v1.0 was discovered to contain an arbitrary file deletion vulnerability via the component /classes/Master.php?f=delete_img.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-08-29
Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /admin/?page=reports/stockout&month=.
CVSS Score
8.8
EPSS Score
0.001
Published
2022-08-29
Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /admin/?page=reports/waste&month=.
CVSS Score
8.8
EPSS Score
0.001
Published
2022-08-29
Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/?page=user/manage_user&id=.
CVSS Score
8.8
EPSS Score
0.001
Published
2022-08-29
Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /admin/?page=reports/stockin&month=.
CVSS Score
8.8
EPSS Score
0.001
Published
2022-08-29
An access control issue in Ingredient Stock Management System v1.0 allows attackers to take over user accounts via a crafted POST request to /isms/classes/Users.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-07-05
Ingredient Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /isms/admin/stocks/view_stock.php.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-07-05