Filtered by vendor Sales \& Company Management System Project
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-19925 | 1 Sales \& Company Management System Project | 1 Sales \& Company Management System | 2024-09-17 | N/A |
| An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. It has SQL injection via the member/member_order.php type parameter, related to the O_state parameter. | ||||
| CVE-2018-19923 | 1 Sales \& Company Management System Project | 1 Sales \& Company Management System | 2024-09-17 | N/A |
| An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. There is member/member_email.php?action=edit CSRF. | ||||
| CVE-2018-19924 | 1 Sales \& Company Management System Project | 1 Sales \& Company Management System | 2024-09-16 | N/A |
| An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. An email address can be modified in between the request for a validation code and the entry of the validation code, leading to storage of an XSS payload contained in the modified address. | ||||
| CVE-2018-19654 | 1 Sales \& Company Management System Project | 1 Sales \& Company Management System | 2024-08-05 | 7.5 High |
| An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. There is a discrepancy in username checking between a component that does string validation, and a component that is supposed to query a MySQL database. Thus, it is possible to register a new account with a duplicate username, as demonstrated by use of the test%c2 string when a test account already exists. | ||||
Page 1 of 1.