Vulnerabilities (CVE)

Filtered by vendor Simple Sales Management System Project Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-23026 1 Simple Sales Management System Project 1 Simple Sales Management System 2024-02-28 N/A 6.1 MEDIUM
Cross site scripting (XSS) vulnerability in sourcecodester oretnom23 sales management system 1.0, allows attackers to execute arbitrary code via the product_name and product_price inputs in file print.php.
CVE-2022-2293 1 Simple Sales Management System Project 1 Simple Sales Management System 2024-02-28 3.5 LOW 5.4 MEDIUM
A vulnerability classified as problematic was found in SourceCodester Simple Sales Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /ci_ssms/index.php/orders/create. The manipulation of the argument customer_name with the input <script>alert("XSS")</script> leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.