money_transfer_management_system_project CVE 脆弱性と CVE 一覧(9)

製品(CPE): — CVE 件数: 9

money_transfer_management_system_project 脆弱性概要

money_transfer_management_system_project 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。

公開された問題は vendor risk sql injection and vendor risk cross-site scripting に関連することが多く、vendor surface production workloads and vendor surface software deployment の文脈で vendor impact data exposure and vendor impact session compromise などの暴露リスクを伴う場合があります。

掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。

脆弱性分布の推移(直近24か月)

表示中 19 / 9 CVE 件数
«« 先頭 « 前へ 1 / 1 次へ »
CVE 概要 ソース CVSS 最大値 EPSS(%) 公開 更新
CVE-2021-44582 A Privilege Escalation vulnerability exists in Sourcecodester Money Transfer Management System 1.0, which allows a remote malicious user to gain elevated privileges to the Admin role via any URL. [email protected] 8.8 1.39% 2022-06-10 2026-06-17
CVE-2022-29746 Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/classes/Users.php?f=delete. [email protected] 9.8 1.07% 2022-05-12 2026-06-17
CVE-2022-29745 Money Transfer Management System 1.0 is vulnerable to SQL Injection via \mtms\classes\Master.php?f=delete_transaction. [email protected] 9.8 1.07% 2022-05-12 2026-06-17
CVE-2022-29741 Money Transfer Management System 1.0 is vulnerable to SQL Injection via \mtms\classes\Master.php?f=delete_fee. [email protected] 9.8 1.07% 2022-05-12 2026-06-17
CVE-2022-29739 Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/admin/?page=user/manage_user&id=. [email protected] 9.8 1.07% 2022-05-12 2026-06-17
CVE-2022-29738 Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/admin/?page=transaction/send&id=, id. [email protected] 9.8 1.07% 2022-05-12 2026-06-17
CVE-2022-25223 Money Transfer Management System Version 1.0 allows an authenticated user to inject SQL queries in 'mtms/admin/?page=transaction/view_details' via the 'id' parameter. [email protected] 4.3 0.77% 2022-03-23 2026-06-17
CVE-2022-25222 Money Transfer Management System Version 1.0 allows an unauthenticated user to inject SQL queries in 'admin/maintenance/manage_branch.php' and 'admin/maintenance/manage_fee.php' via the 'id' parameter. [email protected] 9.8 1.62% 2022-03-23 2026-06-17
CVE-2022-25221 Money Transfer Management System Version 1.0 allows an attacker to inject JavaScript code in the URL and then trick a user into visit the link in order to execute JavaScript code. [email protected] 6.1 0.69% 2022-03-23 2026-06-17
«« 先頭 « 前へ 1 / 1 次へ »
cvelogic Threat Intelligence