Vulnerabilities > Ingredient Stock Management System Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-29 | CVE-2022-36686 | SQL Injection vulnerability in Ingredient Stock Management System Project Ingredient Stock Management System 1.0 Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /admin/?page=reports/stockin&month=. | 8.8 |
| 2022-08-29 | CVE-2022-36687 | Path Traversal vulnerability in Ingredient Stock Management System Project Ingredient Stock Management System 1.0 Ingredients Stock Management System v1.0 was discovered to contain an arbitrary file deletion vulnerability via the component /classes/Master.php?f=delete_img. | 6.5 |
| 2022-08-29 | CVE-2022-36688 | SQL Injection vulnerability in Ingredient Stock Management System Project Ingredient Stock Management System 1.0 Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /admin/?page=reports/stockout&month=. | 8.8 |
| 2022-08-29 | CVE-2022-36689 | SQL Injection vulnerability in Ingredient Stock Management System Project Ingredient Stock Management System 1.0 Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /admin/?page=reports/waste&month=. | 8.8 |
| 2022-08-29 | CVE-2022-36690 | SQL Injection vulnerability in Ingredient Stock Management System Project Ingredient Stock Management System 1.0 Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/?page=user/manage_user&id=. | 8.8 |
| 2022-07-05 | CVE-2022-32310 | Incorrect Authorization vulnerability in Ingredient Stock Management System Project Ingredient Stock Management System 1.0 An access control issue in Ingredient Stock Management System v1.0 allows attackers to take over user accounts via a crafted POST request to /isms/classes/Users.php. | 9.8 |
| 2022-07-05 | CVE-2022-32311 | SQL Injection vulnerability in Ingredient Stock Management System Project Ingredient Stock Management System 1.0 Ingredient Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /isms/admin/stocks/view_stock.php. | 9.8 |