PT-2022-12041 · Unknown · Mini-Inventory-And-Sales-Management-System

Published

2022-03-04

Updated

2022-03-10

CVE-2021-44321

CVSS v3.1

5.0

Medium

Vector

AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Mini-Inventory-and-Sales-Management-System (affected versions not specified)

Description The issue allows an attacker to update or delete items in the inventory through Cross Site Request Forgery (CSRF). To exploit this, the attacker must be logged into the application and create a malicious file for updating the inventory details and items.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2021-44321

Affected Products

Mini-Inventory-And-Sales-Management-System

PT-2022-12041 · Unknown · Mini-Inventory-And-Sales-Management-System

CVE-2021-44321

Weakness Enumeration

Related Identifiers

Affected Products

References · 6