Aggregates CVE and security vulnerability intelligence across all siamonhasan-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk csrf and related security problems, affecting vendor surface production workloads and vendor surface software deployment scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2024-42586 | A Cross-Site Request Forgery (CSRF) in the component categorie.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. | [email protected] | 8.8 | 0.25% | 2024-08-20 | 2025-05-01 |
| CVE-2024-42585 | A Cross-Site Request Forgery (CSRF) in the component delete_media.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. | [email protected] | 8.8 | 0.34% | 2024-08-20 | 2025-05-01 |
| CVE-2024-42584 | A Cross-Site Request Forgery (CSRF) in the component delete_product.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. | [email protected] | 8.8 | 0.25% | 2024-08-20 | 2025-03-25 |
| CVE-2024-42583 | A Cross-Site Request Forgery (CSRF) in the component delete_user.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. | [email protected] | 8.8 | 0.31% | 2024-08-20 | 2024-08-21 |
| CVE-2024-42582 | A Cross-Site Request Forgery (CSRF) in the component delete_categorie.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. | [email protected] | 8.8 | 0.31% | 2024-08-20 | 2024-08-21 |
| CVE-2024-42581 | A Cross-Site Request Forgery (CSRF) in the component delete_group.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. | [email protected] | 8.8 | 0.31% | 2024-08-20 | 2024-08-21 |
| CVE-2024-42580 | A Cross-Site Request Forgery (CSRF) in the component edit_group.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. | [email protected] | 8.8 | 0.17% | 2024-08-20 | 2024-08-21 |
| CVE-2024-42579 | A Cross-Site Request Forgery (CSRF) in the component add_group.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. | [email protected] | 8.8 | 0.31% | 2024-08-20 | 2024-08-21 |
| CVE-2024-42578 | A Cross-Site Request Forgery (CSRF) in the component edit_product.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. | [email protected] | 8.0 | 0.25% | 2024-08-20 | 2025-05-01 |
| CVE-2024-42577 | A Cross-Site Request Forgery (CSRF) in the component add_product.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. | [email protected] | 8.8 | 0.29% | 2024-08-20 | 2024-08-21 |
| CVE-2024-42576 | A Cross-Site Request Forgery (CSRF) in the component edit_categorie.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. | [email protected] | 8.8 | 0.25% | 2024-08-20 | 2025-05-01 |
| CVE-2024-7460 | A vulnerability was found in OSWAPP Warehouse Inventory System 1.0/2.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /change_password.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273553 was assigned to this vulnerability. | [email protected] | 6.9 | 0.35% | 2024-08-04 | 2024-08-06 |
| CVE-2024-7459 | A vulnerability was found in OSWAPP Warehouse Inventory System 1.0/2.0. It has been classified as problematic. Affected is an unknown function of the file /edit_account.php. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273552. | [email protected] | 6.9 | 0.35% | 2024-08-04 | 2024-08-06 |