11 matches found
CVE-2021-25210
Arbitrary file upload vulnerability in SourceCodester Alumni Management System v 1.0 allows attackers to execute arbitrary code, via the file upload to manageevent.php...
CVE-2020-28072
A Remote Code Execution vulnerability exists in DourceCodester Alumni Management System 1.0. An authenticated attacker can upload arbitrary file in the gallery.php page and executing it on the server reaching the RCE...
Sourcecodester Alumni Management System SQL Injection Vulnerability
Sourcecodester Alumni Management System is a Php, Mysql-based alumni management system from Sourcecodester, Inc. SourceCodester Alumni Management System version 1.0 is vulnerable to SQL injection, which allows remote attacker can exploit this vulnerability to execute arbitrary SQL statements via...
CVE-2021-25210
Arbitrary file upload vulnerability in SourceCodester Alumni Management System v 1.0 allows attackers to execute arbitrary code, via the file upload to manageevent.php...
Privilege escalation
Arbitrary file upload vulnerability in SourceCodester Alumni Management System v 1.0 allows attackers to execute arbitrary code, via the file upload to manageevent.php...
CVE-2021-25210
Arbitrary file upload vulnerability in SourceCodester Alumni Management System v 1.0 allows attackers to execute arbitrary code, via the file upload to manageevent.php...
CVE-2020-29214
SQL injection vulnerability in SourceCodester Alumni Management System 1.0 allows the user to inject SQL payload to bypass the authentication via admin/login.php...
CVE-2020-29214
CVE-2020-29214 affects SourceCodester’s Alumni Management System 1.0. The vulnerability is a SQL injection in admin/login.php caused by unsanitized input, enabling unauthenticated attackers to bypass login and gain access to administrative data. Documented impact includes authentication bypass wi...
CVE-2020-29214
SQL injection vulnerability in SourceCodester Alumni Management System 1.0 allows the user to inject SQL payload to bypass the authentication via admin/login.php...
Cross site scripting
SourceCodester Alumni Management System 1.0 is affected by cross-site Scripting XSS in /admin/gallery.php. After the admin authentication an attacker can upload an image in the gallery using a XSS payload in the description textarea called 'about' and reach a stored XSS...
CVE-2020-28071
SourceCodester Alumni Management System 1.0 is affected by cross-site Scripting XSS in /admin/gallery.php. After the admin authentication an attacker can upload an image in the gallery using a XSS payload in the description textarea called 'about' and reach a stored XSS...