Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Simple_cold_storage_management_system
(Oretnom23)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 13 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-01-28 | CVE-2021-45435 | An SQL Injection vulnerability exists in Sourcecodester Simple Cold Storage Management System using PHP/OOP 1.0 via the username field in login.php. | Simple_cold_storage_management_system | 9.8 | ||
| 2022-10-06 | CVE-2022-42241 | Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/classes/Master.php?f=delete_message. | Simple_cold_storage_management_system | 7.2 | ||
| 2022-10-06 | CVE-2022-42242 | Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/classes/Master.php?f=delete_booking. | Simple_cold_storage_management_system | 7.2 | ||
| 2022-10-06 | CVE-2022-42243 | Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/storages/manage_storage.php?id=. | Simple_cold_storage_management_system | 7.2 | ||
| 2022-10-06 | CVE-2022-42249 | Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/storages/view_storage.php?id=. | Simple_cold_storage_management_system | 7.2 | ||
| 2022-10-06 | CVE-2022-42250 | Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/inquiries/view_details.php?id=. | Simple_cold_storage_management_system | 7.2 | ||
| 2022-10-14 | CVE-2022-42232 | Simple Cold Storage Management System v1.0 is vulnerable to SQL Injection via /csms/classes/Master.php?f=delete_storage. | Simple_cold_storage_management_system | 7.2 | ||
| 2022-10-17 | CVE-2022-3546 | A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /csms/admin/?page=user/list of the component Create User Handler. The manipulation of the argument First Name/Last Name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-211046 is the identifier assigned to this vulnerability. | Simple_cold_storage_management_system | 4.8 | ||
| 2022-10-17 | CVE-2022-3548 | A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the component Add New Storage Handler. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-211048. | Simple_cold_storage_management_system | 4.8 | ||
| 2022-10-17 | CVE-2022-3549 | A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /csms/admin/?page=user/manage_user of the component Avatar Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-211049 was assigned to this vulnerability. | Simple_cold_storage_management_system | 7.2 |