Arajawat007 - Security Researcher - Exploit Intelligence Platform

CVE-2023-39707 NOMISEC MEDIUM NO CODE

Free and Open Source Inventory Management System 1.0 - Stored Cross-Site Scripting via Add Expense Parameter

A stored cross-site scripting (XSS) vulnerability in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Add Expense parameter under the Expense section.

CVSS 5.4

View Code

CVE-2023-39708 NOMISEC MEDIUM NO CODE

Free and Open Source Inventory Management System 1.0 - Stored Cross-Site Scripting via Add New Parameter

A stored cross-site scripting (XSS) vulnerability in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Add New parameter under the New Buy section.

CVSS 6.1

View Code

CVE-2023-39709 NOMISEC MEDIUM NO CODE

Free and Open Source Inventory Management System 1.0 - Stored Cross-Site Scripting via Add Member Parameters

Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add Member section.

CVSS 6.1

View Code

CVE-2023-39710 NOMISEC MEDIUM NO CODE

Free and Open Source Inventory Management System 1.0 - Stored Cross-Site Scripting via Add Customer Parameters

Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add Customer section.

CVSS 6.1

View Code

CVE-2023-39711 NOMISEC MEDIUM NO CODE

Free and Open Source Inventory Management System 1.0 - Stored Cross-Site Scripting via Subtotal and Paidbill Parameters

Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Subtotal and Paidbill parameters under the Add New Put section.

CVSS 6.1

View Code

CVE-2023-39712 NOMISEC MEDIUM NO CODE

Free and Open Source Inventory Management System 1.0 - Stored XSS via Name, Address, and Company Parameters

Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add New Put section.

CVSS 6.1

View Code

CVE-2023-39714 NOMISEC MEDIUM NO CODE

Free and Open Source Inventory Management System 1.0 - Stored XSS via Name, Address, and Company Parameters

Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add New Member section.

CVSS 6.1

View Code