CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-8344 – Campcodes Supplier Management System edit_area.php sql injection
https://notcve.org/view.php?id=CVE-2024-8344
A vulnerability has been found in Campcodes Supplier Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/edit_area.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/yooo0oo0/cve_report/blob/main/supplier-management-system/SQLi-2.md https://vuldb.com/?ctiid.276223 https://vuldb.com/?id.276223 https://vuldb.com/?submit.400185 https://www.campcodes.com • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2024-22627
https://notcve.org/view.php?id=CVE-2024-22627
Complete Supplier Management System v1.0 is vulnerable to SQL Injection via /Supply_Management_System/admin/edit_distributor.php?id=. Complete Supplier Management System v1.0 es vulnerable a la inyección SQL a través de /Supply_Management_System/admin/edit_distributor.php?id=. • https://github.com/GaoZzr/CVE_report/blob/main/Supply_Management_System/SQLi-3.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2024-22625
https://notcve.org/view.php?id=CVE-2024-22625
Complete Supplier Management System v1.0 is vulnerable to SQL Injection via /Supply_Management_System/admin/edit_category.php?id=. Complete Supplier Management System v1.0 es vulnerable a la inyección SQL a través de /Supply_Management_System/admin/edit_category.php?id=. • https://github.com/GaoZzr/CVE_report/blob/main/Supply_Management_System/SQLi-1.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2024-22626
https://notcve.org/view.php?id=CVE-2024-22626
Complete Supplier Management System v1.0 is vulnerable to SQL Injection via /Supply_Management_System/admin/edit_retailer.php?id=. Complete Supplier Management System v1.0 es vulnerable a la inyección SQL a través de /Supply_Management_System/admin/edit_retailer.php?id=. • https://github.com/GaoZzr/CVE_report/blob/main/Supply_Management_System/SQLi-2.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •