Microfinance Management System Project Microfinance Management System vulnerabilities
3 known vulnerabilities affecting microfinance_management_system_project/microfinance_management_system.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2022-27927P2CRITICALCVSS 9.8PoCv1.02022-04-19
CVE-2022-27927 [CRITICAL] CWE-89 CVE-2022-27927: A SQL injection vulnerability exists in Microfinance Management System 1.0 when MySQL is being used
A SQL injection vulnerability exists in Microfinance Management System 1.0 when MySQL is being used as the application database. An attacker can issue SQL commands to the MySQL database through the vulnerable course_code and/or customer_number parameter.
nvd
CVE-2022-1082P3CRITICALCVSS 9.8v1.02022-03-29
CVE-2022-1082 [CRITICAL] CWE-89 CVE-2022-1082: A vulnerability was found in SourceCodester Microfinance Management System 1.0. It has been rated as
A vulnerability was found in SourceCodester Microfinance Management System 1.0. It has been rated as critical. This issue affects the file /mims/login.php of the Login Page. The manipulation of the argument username/password with the input '||1=1# leads to sql injection. The attack may be initiated remotely.
nvd
CVE-2022-1081P4MEDIUMCVSS 6.1v1.02022-03-29
CVE-2022-1081 [MEDIUM] CWE-79 CVE-2022-1081: A vulnerability was found in SourceCodester Microfinance Management System 1.0. It has been declared
A vulnerability was found in SourceCodester Microfinance Management System 1.0. It has been declared as problematic. This vulnerability affects the file /mims/app/addcustomerHandler.php. The manipulation of the argument first_name, middle_name, and surname leads to cross site scripting. The attack can be initiated remotely.
nvd