Inventory Management System
Monthly
SQL injection in code-projects Inventory Management System 1.0 allows remote unauthenticated attackers to manipulate the Username parameter in the Login component, leading to unauthorized database access and potential data exfiltration. The vulnerability has a publicly available exploit and CVSS 6.9 score reflecting low confidentiality, integrity, and availability impact without scope expansion. EPSS data unavailable, but public exploit availability elevates practical risk.
A weakness has been identified in SourceCodester Inventory Management System 1.0. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
SQL injection in code-projects Inventory Management System 1.0 allows remote unauthenticated attackers to manipulate the Username parameter in the Login component, leading to unauthorized database access and potential data exfiltration. The vulnerability has a publicly available exploit and CVSS 6.9 score reflecting low confidentiality, integrity, and availability impact without scope expansion. EPSS data unavailable, but public exploit availability elevates practical risk.
A weakness has been identified in SourceCodester Inventory Management System 1.0. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.