756 matches found
CVE-2022-31945
CVE-2022-31945 affects Rescue Dispatch Management System v1.0. The vulnerability enables arbitrary file deletion via /rdms/classes/Master.php?f=delete_img due to missing validation for file names in the delete_img path. Impact is described as arbitrary file deletion with high integrity and availa...
CVE-2022-31946
The CVE-2022-31946 entry affects Rescue Dispatch Management System v1.0. The vulnerability is an SQL Injection in the delete_team path: /rdms/classes/Master.php?f=delete_team. Root cause cited across sources is lack of validation of externally supplied SQL statements in that page/file, enabling t...
CVE-2022-31948
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/classes/Master.php?f=deletereport...
CVE-2022-31951
Affected software: Rescue Dispatch Management System v1.0. Vulnerability: SQL Injection via /rdms/classes/Master.php?f=delete_respondent_type. The connected documents consistently describe an injectable SQL statement in this endpoint, indicating input validation may be missing for this parameter....
CVE-2022-31951
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/classes/Master.php?f=deleterespondenttype...
CVE-2022-31952
The CVE-2022-31952 entry concerns Rescue Dispatch Management System v1.0, where the vulnerability exists in the SQL handling of the delete_incident path (Master.php?f=delete_incident). The root cause is an SQL injection risk due to lack of input validation/external SQL statement handling, as desc...
CVE-2022-31952
Rescue Dispatch Management System v1.0 is vulnerable to SQL injection via /rdms/classes/Master.php?f=deleteincident...
CVE-2022-31953
Rescue Dispatch Management System v1.0 is affected by an SQL Injection vulnerability disclosed as CVE-2022-31953, reachable via /rdms/admin/incident_reports/view_report.php?id=. The root cause is lack of input validation for external SQL statements, enabling attackers to craft input that alters q...
CVE-2022-31956
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/incidentreports/managereport.php?id=...
CVE-2022-31956
Summary: CVE-2022-31956 affects Rescue Dispatch Management System v1.0. The vulnerability is an SQL Injection in the admin reporting page (/rdms/admin/incident_reports/manage_report.php?id=) caused by unvalidated external input. They report that the page lacks input validation for SQL statements,...
CVE-2022-31959
CVE-2022-31959 affects Rescue Dispatch Management System v1.0. The vulnerability is a SQL injection in /rdms/admin/teams/manage_team.php?id= due to lack of input validation. Consequences include potential exposure of database data. Exploitation details, affected versions beyond v1.0, and a remedi...
CVE-2022-31959
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/teams/manageteam.php?id=...
CVE-2022-31961
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/incidents/manageincident.php?id=...
CVE-2022-31961
The CVE-2022-31961 entry concerns Rescue Dispatch Management System v1.0, which is vulnerable to SQL Injection via the parameter id in /rdms/admin/incidents/manage_incident.php?id=. The Red Hat/CNVD/CNNVD and other connected records corroborate a SQLi flaw originating from lack of input validatio...
CVE-2022-31962
CVE-2022-31962 affects Rescue Dispatch Management System v1.0, with a SQL Injection vulnerability exploitable via /rdms/admin/incidents/view_incident.php?id=. The issue stems from lack of input validation on that parameter, enabling attackers to manipulate SQL queries and potentially access or ex...
CVE-2022-31964
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection in rdms/admin/respondent_types/view_respondent_type.php?id=, due to lack of input validation for external SQL statements. This CVE is referenced across multiple feeds (NVD/NVD CNVD/CNNVD/Red Hat) with a high-severity impact (CV...
CVE-2022-31964
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via rdms/admin/respondenttypes/viewrespondenttype.php?id=...
CVE-2022-31965
CVE-2022-31965 affects Rescue Dispatch Management System v1.0. Multiple connected sources confirm a SQL Injection vulnerability in /rdms/admin/respondent_types/manage_respondent_type.php?id= due to lack of input validation. The consequence is potential database data exposure or modification as de...
CVE-2022-31965
Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/respondenttypes/managerespondenttype.php?id=...
Rescue Dispatch Management System Access Control Error Vulnerability
Rescue Dispatch Management System is a rescue dispatch management system from Carlo Montero's personal developer. version 1.0 of Rescue Dispatch Management System contains an access control error vulnerability that could be exploited by attackers to cause unauthorized access...