Tailor Management System Project: Security Vulnerabilities
SQL injection vulnerability found in Tailor Management System v.1 allows a remote authenticated attacker to execute arbitrary code via the customer parameter of the email.php page.
CVSS Score
8.8
EPSS Score
0.017
Published
2023-04-06
SQL injection vulnerability found in Tailor Management System v.1 allows a remote attacker to execute arbitrary code via the id parameter.
CVSS Score
8.8
EPSS Score
0.017
Published
2023-04-06
SQL injection vulnerability found in Tailor Management System v.1 allows a remote attacker to execute arbitrary code via the detail parameter of the document.php page.
CVSS Score
8.8
EPSS Score
0.017
Published
2023-04-06
Multiple Cross Site Scripting (XSS) vulnerabilities exist in SourceCodester Tailor Management 1.0 via the (1) eid parameter in (a) partedit.php and (b) customeredit.php, the (2) id parameter in (a) editmeasurement.php and (b) addpayment.php, and the (3) error parameter in index.php.
CVSS Score
6.1
EPSS Score
0.002
Published
2021-11-08
A Reflected Cross-Site Scripting (XSS) vulnerability in the index.php login-portal webpage of SourceCodester Tailor Management System v1.0 allows remote attackers to harvest keys pressed by an unauthenticated victim who clicks on a malicious URL and begins typing.
CVSS Score
6.4
EPSS Score
0.014
Published
2020-09-01