Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
Vulnerabilities for
'Money transfer management system'
2022-06-10
CVE-2021-44582
CWE-425
A Privilege Escalation vulnerability exists in Sourcecodester Money Transfer Management System 1.0, which allows a remote malicious user to gain elevated privileges to the Admin role via any URL.
2022-05-12
CVE-2022-29738
CWE-89
Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/admin/?page=transaction/send&id=, id.
CVE-2022-29739
CWE-89
Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/admin/?page=user/manage_user&id=.
CVE-2022-29741
CWE-89
Money Transfer Management System 1.0 is vulnerable to SQL Injection via \mtms\classes\Master.php?f=delete_fee.
CVE-2022-29745
CWE-89
Money Transfer Management System 1.0 is vulnerable to SQL Injection via \mtms\classes\Master.php?f=delete_transaction.
CVE-2022-29746
CWE-89
Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/classes/Users.php?f=delete.
2022-03-23
CVE-2022-25221
CWE-79
Money Transfer Management System Version 1.0 allows an attacker to inject JavaScript code in the URL and then trick a user into visit the link in order to execute JavaScript code.
CVE-2022-25222
CWE-89
Money Transfer Management System Version 1.0 allows an unauthenticated user to inject SQL queries in 'admin/maintenance/manage_branch.php' and 'admin/maintenance/manage_fee.php' via the 'id' parameter.
CVE-2022-25223
CWE-89
Money Transfer Management System Version 1.0 allows an authenticated user to inject SQL queries in 'mtms/admin/?page=transaction/view_details' via the 'id' parameter.
Copyright
2024
, cxsecurity.com
Back to Top
Vulnerabilities for 