Product: Garage Management System
Vendor: https://www.sourcecodester.com/users/mayurik
Affected Version(s): 1.0
CVE ID: CVE-2022-36639
Description: A stored cross-site scripting (XSS) vulnerability in /client.php of Garage Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter.
Product: Garage Management System
Vendor: https://www.sourcecodester.com/users/mayurik
Affected Version(s): 1.0
CVE ID: CVE-2022-36638
Description: An access control issue in the component print.php of Garage Management System v1.0 allows unauthenticated attackers to access data for all existing orders.
Product: Garage Management System
Vendor: https://www.sourcecodester.com/users/mayurik
Affected Version(s): 1.0
CVE ID: CVE-2022-36637
Description: Garage Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the "brand_name" parameter at /brand.php.
Product: Garage Management System
Vendor: https://www.sourcecodester.com/users/mayurik
Affected Version(s): 1.0
CVE ID: CVE-2022-36636
Description: Garage Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /print.php
Product: InvetoryManagementSystem
Vendor: https://github.com/sazanrjb
Affected Version(s): 1.0
CVE ID: CVE-2022-36259
Description: A SQL injection vulnerability in ConnectionFactory.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "username", "password", etc.
Product: InvetoryManagementSystem
Vendor: https://github.com/sazanrjb
Affected Version(s): 1.0
CVE ID: CVE-2022-36258
Description: A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "searchTxt".
Product: InvetoryManagementSystem
Vendor: https://github.com/sazanrjb
Affected Version(s): 1.0
CVE ID: CVE-2022-36257
Description: A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "users", "pass", etc.
Product: InvetoryManagementSystem
Vendor: https://github.com/sazanrjb
Affected Version(s): 1.0
CVE ID: CVE-2022-36256
Description: A SQL injection vulnerability in Stocks.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "productcode".
Product: InvetoryManagementSystem
Vendor: https://github.com/sazanrjb
Affected Version(s): 1.0
CVE ID: CVE-2022-36255
Description: A SQL injection vulnerability in SupplierDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "searchTxt".
Product: Hotel Management System
Vendor: https://github.com/tramyardg
Affected Version(s): 1.0
CVE ID: CVE-2022-36254
Description: Multiple persistent cross-site scripting (XSS) vulnerabilities in index.php in tramyardg Hotel Management System 1.0 allow remote attackers to inject arbitrary web script or HTML via multiple parameters such as "fullname".