8 matches found
CVE-2021-28294
Online Ordering System 1.0 is vulnerable to arbitrary file upload through /onlineordering/GPST/store/initiateorder.php, which may lead to remote code execution RCE...
CVE-2024-28294
Limbas up to v5.2.14 was discovered to contain a SQL injection vulnerability via the ftid parameter...
CVE-2024-28294
Limbas up to v5.2.14 was discovered to contain a SQL injection vulnerability via the ftid parameter...
CVE-2021-28294
creationtimestamp| type| source ---|---|--- 2021-03-16 23:30:17+00:00| seen| https://t.me/cibsecurity/24978...
CVE-2021-28294
Online Ordering System 1.0 is vulnerable to arbitrary file upload through /onlineordering/GPST/store/initiateorder.php, which may lead to remote code execution RCE...
CVE-2021-28294
CVE-2021-28294 affects Online Ordering System 1.0. The vulnerability is an arbitrary file upload via the endpoint /onlineordering/GPST/store/initiateorder.php, which may lead to remote code execution (RCE). Several connected sources corroborate the RCE risk and the specific upload vector; an expl...
CVE-2020-28294
...
CVE-2020-28294
CVE-2020-28294 is rejected/not used; this candidate does not represent an active vulnerability entry.