Asp.Net-Core-Inventory-Order-Management-System

Source -

CNA

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

2Vulnerabilities found

CVE-2026-3263

Assigner-VulDB

View Details

Assigner-VulDB

CVSS Score-5.3||MEDIUM

EPSS-0.03% / 9.59%

7 Day CHG~0.00%

Published-26 Feb, 2026 | 21:32

Updated-27 Feb, 2026 | 14:06

go2ismail Asp.Net-Core-Inventory-Order-Management-System Security API improper authorization

A vulnerability was found in go2ismail Asp.Net-Core-Inventory-Order-Management-System up to 9.20250118. Affected by this vulnerability is an unknown functionality of the file /api/Security/ of the component Security API. Performing a manipulation results in improper authorization. Remote exploitation of the attack is possible. The vendor was contacted early about this disclosure but did not respond in any way.

Vendor-go2ismail

Product-Asp.Net-Core-Inventory-Order-Management-System

CWE ID-CWE-266

Incorrect Privilege Assignment

CWE ID-CWE-285

Improper Authorization

CVE-2026-3262

Assigner-VulDB

View Details

Assigner-VulDB

CVSS Score-5.3||MEDIUM

EPSS-0.05% / 15.53%

7 Day CHG~0.00%

Published-26 Feb, 2026 | 21:02

Updated-27 Feb, 2026 | 15:15

go2ismail Asp.Net-Core-Inventory-Order-Management-System Administrative redirect

A vulnerability has been found in go2ismail Asp.Net-Core-Inventory-Order-Management-System up to 9.20250118. Affected is an unknown function of the component Administrative Interface. Such manipulation leads to execution after redirect. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Vendor-go2ismail

Product-Asp.Net-Core-Inventory-Order-Management-System

CWE ID-CWE-698

Execution After Redirect (EAR)

CWE ID-CWE-705

Incorrect Control Flow Scoping