Abdallah Fouad - Security Researcher - Exploit Intelligence Platform

CVE-2020-36071 WRITEUP HIGH WRITEUP

Tailor Management System 1 - Authenticated SQL Injection via Email Page Customer Parameter

SQL injection vulnerability found in Tailor Management System v.1 allows a remote authenticated attacker to execute arbitrary code via the customer parameter of the email.php page.

CVSS 8.8

View Code

CVE-2020-36072 WRITEUP HIGH WRITEUP

Tailor Management System 1 - SQL Injection via id Parameter

SQL injection vulnerability found in Tailor Management System v.1 allows a remote attacker to execute arbitrary code via the id parameter.

CVSS 8.8

View Code

CVE-2020-36073 WRITEUP HIGH WRITEUP

Tailor Management System 1 - SQL Injection via Document Detail Parameter

SQL injection vulnerability found in Tailor Management System v.1 allows a remote attacker to execute arbitrary code via the detail parameter of the document.php page.

CVSS 8.8

View Code

CVE-2020-36074 WRITEUP HIGH WRITEUP

Tailor Management System 1 - SQL Injection via Title Parameter

SQL injection vulnerability found in Tailor Mangement System v.1 allows a remote attacker to execute arbitrary code via the title parameter.

CVSS 8.8

View Code

CVE-2020-36077 WRITEUP HIGH WRITEUP

Tailor Management System 1 - SQL Injection via Order Add Customer Parameter

SQL injection vulnerability found in Tailor Mangement System v.1 allows a remote attacker to execute arbitrary code via the customer parameter of the orderadd.php file

CVSS 8.8

View Code