CVE-2022-36690
https://notcve.org/view.php?id=CVE-2022-36690
Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/?page=user/manage_user&id=. Se ha detectado que Ingredients Stock Management System versión v1.0, contiene una vulnerabilidad de inyección SQL por medio del parámetro id en /admin/?page=user/manage_user&id= • https://github.com/k0xx11/vul-wiki/blob/master/vendors/oretnom23/ingredients-stock-management-system/SQLi-4.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2022-36689
https://notcve.org/view.php?id=CVE-2022-36689
Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /admin/?page=reports/waste&month=. Se ha detectado que Ingredients Stock Management System v1.0 contenía una vulnerabilidad de inyección SQL por medio del parámetro month en /admin/?page=reports/waste&month= • https://github.com/k0xx11/vul-wiki/blob/master/vendors/oretnom23/ingredients-stock-management-system/SQLi-3.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2022-36688
https://notcve.org/view.php?id=CVE-2022-36688
Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /admin/?page=reports/stockout&month=. Se ha detectado que Ingredients Stock Management System v1.0 contenía una vulnerabilidad de inyección SQL por medio del parámetro month en /admin/?page=reports/stockout&month= • https://github.com/k0xx11/vul-wiki/blob/master/vendors/oretnom23/ingredients-stock-management-system/SQLi-2.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2022-36687
https://notcve.org/view.php?id=CVE-2022-36687
Ingredients Stock Management System v1.0 was discovered to contain an arbitrary file deletion vulnerability via the component /classes/Master.php?f=delete_img. Se ha detectado que Ingredients Stock Management System versión v1.0, contiene una vulnerabilidad de eliminación arbitraria de archivos por medio del componente /classes/Master.php?f=delete_img • https://github.com/k0xx11/vul-wiki/blob/master/vendors/oretnom23/ingredients-stock-management-system/delet-file-1.md • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2022-36686
https://notcve.org/view.php?id=CVE-2022-36686
Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /admin/?page=reports/stockin&month=. Se ha detectado que Ingredients Stock Management System versión v1.0, contiene una vulnerabilidad de inyección SQL por medio del parámetro month en /admin/?page=reports/stockin&month= • https://github.com/k0xx11/vul-wiki/blob/master/vendors/oretnom23/ingredients-stock-management-system/SQLi-1.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •