Filtered by vendor Microfinance Management System Project
Subscriptions
Filtered by product Microfinance Management System
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-27927 | 1 Microfinance Management System Project | 1 Microfinance Management System | 2022-09-09 | 9.8 Critical |
| A SQL injection vulnerability exists in Microfinance Management System 1.0 when MySQL is being used as the application database. An attacker can issue SQL commands to the MySQL database through the vulnerable course_code and/or customer_number parameter. | ||||
| CVE-2022-1083 | 1 Microfinance Management System Project | 1 Microfinance Management System | 2022-04-05 | 9.8 Critical |
| A vulnerability classified as critical has been found in Microfinance Management System. The manipulation of arguments like customer_type_number/account_number/account_status_number/account_type_number with the input ' and (select * from(select(sleep(10)))Avx) and 'abc' = 'abc leads to sql injection in multiple files. It is possible to launch the attack remotely. | ||||
| CVE-2022-1082 | 1 Microfinance Management System Project | 1 Microfinance Management System | 2022-04-04 | 9.8 Critical |
| A vulnerability was found in SourceCodester Microfinance Management System 1.0. It has been rated as critical. This issue affects the file /mims/login.php of the Login Page. The manipulation of the argument username/password with the input '||1=1# leads to sql injection. The attack may be initiated remotely. | ||||
| CVE-2022-1081 | 1 Microfinance Management System Project | 1 Microfinance Management System | 2022-04-04 | 6.1 Medium |
| A vulnerability was found in SourceCodester Microfinance Management System 1.0. It has been declared as problematic. This vulnerability affects the file /mims/app/addcustomerHandler.php. The manipulation of the argument first_name, middle_name, and surname leads to cross site scripting. The attack can be initiated remotely. | ||||
Page 1 of 1.