Vulnerabilities > Oretnom23 > Packers AND Movers Management System > High

DATE	CVE	VULNERABILITY TITLE	RISK
2024-10-24	CVE-2024-48427	SQL Injection vulnerability in Oretnom23 Packers and Movers Management System 1.0 A SQL injection vulnerability in Sourcecodester Packers and Movers Management System v1.0 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in /mpms/admin/?page=services/manage_service&id network low complexity oretnom23 CWE-89	8.8
2023-11-30	CVE-2023-46956	SQL Injection vulnerability in Oretnom23 Packers and Movers Management System 1.0 SQL injection vulnerability in Packers and Movers Management System v.1.0 allows a remote attacker to execute arbitrary code via crafted payload to the /mpms/admin/?page=user/manage_user&id file. network low complexity oretnom23 CWE-89	7.2

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.