Vulnerabilities > Stock Management System Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-06 | CVE-2024-36779 | SQL Injection vulnerability in Stock Management System Project Stock Management System 1.0 Sourcecodester Stock Management System v1.0 is vulnerable to SQL Injection via editCategories.php. | 9.8 |
| 2024-02-05 | CVE-2023-51951 | SQL Injection vulnerability in Stock Management System Project Stock Management System 1.0 SQL Injection vulnerability in Stock Management System 1.0 allows a remote attacker to execute arbitrary code via the id parameter in the manage_bo.php file. | 9.8 |
| 2022-11-24 | CVE-2022-4090 | Cross-Site Request Forgery (CSRF) vulnerability in Stock Management System Project Stock Management System A vulnerability was found in rickxy Stock Management System and classified as problematic. | 8.8 |
| 2022-11-24 | CVE-2022-4088 | SQL Injection vulnerability in Stock Management System Project Stock Management System A vulnerability was found in rickxy Stock Management System and classified as critical. | 9.8 |
| 2022-11-24 | CVE-2022-4089 | Cross-site Scripting vulnerability in Stock Management System Project Stock Management System A vulnerability was found in rickxy Stock Management System. | 5.4 |
| 2022-01-31 | CVE-2021-44114 | Cross-site Scripting vulnerability in Stock Management System Project Stock Management System 1.0 Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Stock Management System in PHP/OOP 1.0, which allows remote malicious users to execute arbitrary remote code execution via create user function. | 4.8 |
| 2020-09-09 | CVE-2020-24198 | Cross-site Scripting vulnerability in Stock Management System Project Stock Management System 1.0 A persistent cross-site scripting vulnerability in Sourcecodester Stock Management System v1.0 allows remote attackers to inject arbitrary web script or HTML via the 'Brand Name.' | 6.1 |
| 2020-09-09 | CVE-2020-24197 | SQL Injection vulnerability in Stock Management System Project Stock Management System 1.0 A SQL injection vulnerability in the login component in Stock Management System v1.0 allows remote attacker to execute arbitrary SQL commands via the username parameter. | 9.8 |
| 2020-09-02 | CVE-2020-23830 | Cross-Site Request Forgery (CSRF) vulnerability in Stock Management System Project Stock Management System 1.0 A Cross-Site Request Forgery (CSRF) vulnerability in changeUsername.php in SourceCodester Stock Management System v1.0 allows remote attackers to deny future logins by changing an authenticated victim's username when they visit a third-party site. | 7.1 |
| 2020-09-01 | CVE-2020-23831 | Cross-site Scripting vulnerability in Stock Management System Project Stock Management System 1.0 A Reflected Cross-Site Scripting (XSS) vulnerability in the index.php login-portal webpage of SourceCodester Stock Management System v1.0 allows remote attackers to harvest login credentials and session cookies when an unauthenticated victim clicks on a malicious URL and enters credentials. | 6.1 |