Vulnerabilities > Free AND Open Source Inventory Management System Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-30 | CVE-2023-51813 | Cross-Site Request Forgery (CSRF) vulnerability in Free and Open Source Inventory Management System Project Free and Open Source Inventory Management System 1.0 Cross Site Request Forgery (CSRF) vulnerability in Free Open-Source Inventory Management System v.1.0 allows a remote attacker to execute arbitrary code via the staff_list parameter in the index.php component. | 6.5 |
| 2023-09-08 | CVE-2023-39712 | Cross-site Scripting vulnerability in Free and Open Source Inventory Management System Project Free and Open Source Inventory Management System 1.0 Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add New Put section. | 6.1 |
| 2023-09-07 | CVE-2023-39711 | Cross-site Scripting vulnerability in Free and Open Source Inventory Management System Project Free and Open Source Inventory Management System 1.0 Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Subtotal and Paidbill parameters under the Add New Put section. | 6.1 |
| 2023-09-01 | CVE-2023-39714 | Cross-site Scripting vulnerability in Free and Open Source Inventory Management System Project Free and Open Source Inventory Management System 1.0 Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add New Member section. | 6.1 |
| 2023-09-01 | CVE-2023-39710 | Cross-site Scripting vulnerability in Free and Open Source Inventory Management System Project Free and Open Source Inventory Management System 1.0 Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add Customer section. | 6.1 |
| 2023-08-28 | CVE-2023-39709 | Cross-site Scripting vulnerability in Free and Open Source Inventory Management System Project Free and Open Source Inventory Management System 1.0 Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add Member section. | 6.1 |
| 2023-08-28 | CVE-2023-39708 | Cross-site Scripting vulnerability in Free and Open Source Inventory Management System Project Free and Open Source Inventory Management System 1.0 A stored cross-site scripting (XSS) vulnerability in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Add New parameter under the New Buy section. | 6.1 |
| 2023-08-25 | CVE-2023-39707 | Cross-site Scripting vulnerability in Free and Open Source Inventory Management System Project Free and Open Source Inventory Management System 1.0 A stored cross-site scripting (XSS) vulnerability in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Add Expense parameter under the Expense section. | 5.4 |