Oretnom23: >> Packers And Movers Management System >> 1.0 Security Vulnerabilities
Cross Site Request Forgery (CSRF) in Users.php in SourceCodester Packers and Movers Management System 1.0 allows attackers to create unauthorized admin accounts via crafted requests sent to an authenticated admin user.
CVSS Score
4.5
EPSS Score
0.002
Published
2025-02-06
SourceCodester Packers and Movers Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in Users.php. An attacker can inject a malicious script into the username or name field during user creation.
CVSS Score
6.4
EPSS Score
0.008
Published
2025-02-03
A SQL injection vulnerability in Sourcecodester Packers and Movers Management System v1.0 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in /mpms/admin/?page=services/manage_service&id
CVSS Score
8.8
EPSS Score
0.117
Published
2024-10-24
SQL injection vulnerability in Packers and Movers Management System v.1.0 allows a remote attacker to execute arbitrary code via crafted payload to the /mpms/admin/?page=user/manage_user&id file.
CVSS Score
7.2
EPSS Score
0.021
Published
2023-11-30
Sourcecodester Packers and Movers Management System v1.0 is vulnerable to SQL Injection via mpms/?p=services/view_service&id.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-10-26
Sourcecodester Packers and Movers Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /inquiries/view_inquiry.php.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-09-28