Skip to main content

Ingredient Stock Management System

7 CVEs product

Monthly

CVE-2022-36690 HIGH POC This Week

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/?page=user/manage_user&id=. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Ingredient Stock Management System
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-36689 HIGH POC This Week

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /admin/?page=reports/waste&month=. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Ingredient Stock Management System
NVD GitHub
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-36688 HIGH POC This Week

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /admin/?page=reports/stockout&month=. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Ingredient Stock Management System
NVD GitHub
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-36687 MEDIUM POC This Month

Ingredients Stock Management System v1.0 was discovered to contain an arbitrary file deletion vulnerability via the component /classes/Master.php?f=delete_img. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Ingredient Stock Management System
NVD GitHub
CVSS 3.1
6.5
EPSS
0.9%
CVE-2022-36686 HIGH POC This Week

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /admin/?page=reports/stockin&month=. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Ingredient Stock Management System
NVD GitHub
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-32311 CRITICAL POC Act Now

Ingredient Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /isms/admin/stocks/view_stock.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Ingredient Stock Management System
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2022-32310 CRITICAL POC Act Now

An access control issue in Ingredient Stock Management System v1.0 allows attackers to take over user accounts via a crafted POST request to /isms/classes/Users.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Authentication Bypass Ingredient Stock Management System
NVD
CVSS 3.1
9.8
EPSS
1.5%
EPSS 1% CVSS 8.8
HIGH POC This Week

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/?page=user/manage_user&id=. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Ingredient Stock Management System
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /admin/?page=reports/waste&month=. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Ingredient Stock Management System
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /admin/?page=reports/stockout&month=. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Ingredient Stock Management System
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

Ingredients Stock Management System v1.0 was discovered to contain an arbitrary file deletion vulnerability via the component /classes/Master.php?f=delete_img. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Ingredient Stock Management System
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /admin/?page=reports/stockin&month=. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Ingredient Stock Management System
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Ingredient Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /isms/admin/stocks/view_stock.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Ingredient Stock Management System
NVD
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

An access control issue in Ingredient Stock Management System v1.0 allows attackers to take over user accounts via a crafted POST request to /isms/classes/Users.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Authentication Bypass Ingredient Stock Management System
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy