CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-5774 – SourceCodester Stock Management System Login index.php sql injection
https://notcve.org/view.php?id=CVE-2024-5774
A vulnerability has been found in SourceCodester Stock Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file index.php of the component Login. The manipulation of the argument username/password leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/CveSecLook/cve/issues/43 https://vuldb.com/?ctiid.267457 https://vuldb.com/?id.267457 https://vuldb.com/?submit.352337 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-5515 – SourceCodester Stock Management System createBrand.php sql injection
https://notcve.org/view.php?id=CVE-2024-5515
A vulnerability was found in SourceCodester Stock Management System 1.0. It has been classified as critical. Affected is an unknown function of the file createBrand.php. The manipulation of the argument brandName leads to sql injection. It is possible to launch the attack remotely. • https://github.com/HaojianWang/cve/issues/1 https://vuldb.com/?ctiid.266586 https://vuldb.com/?id.266586 https://vuldb.com/?submit.345714 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •