Web Based Inventory And Pos System
Monthly
SQL injection in code-projects Web-Based Inventory and POS System 1.0 allows authenticated remote attackers to execute arbitrary SQL queries via the shopid parameter in /transaction.php, resulting in limited data confidentiality, integrity, and availability impact. The CVSS 2.1 score reflects low severity due to authentication requirement and constrained scope, but publicly available exploit code exists and the vulnerability has been publicly disclosed.
A vulnerability was determined in code-projects Web-Based Inventory and POS System 1.0. This impacts an unknown function of the file /login.php. Executing manipulation of the argument emailid can lead to sql injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized.
SQL injection in code-projects Web-Based Inventory and POS System 1.0 allows authenticated remote attackers to execute arbitrary SQL queries via the shopid parameter in /transaction.php, resulting in limited data confidentiality, integrity, and availability impact. The CVSS 2.1 score reflects low severity due to authentication requirement and constrained scope, but publicly available exploit code exists and the vulnerability has been publicly disclosed.
A vulnerability was determined in code-projects Web-Based Inventory and POS System 1.0. This impacts an unknown function of the file /login.php. Executing manipulation of the argument emailid can lead to sql injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized.