9 matches found
EUVD-2022-52632
Malicious code in bioql PyPI...
CVE-2022-30820
In Wedding Management v1.0, there is an arbitrary file upload vulnerability in the picture upload point of "usersedit.php" file...
CVE-2022-30820
In Wedding Management v1.0, there is an arbitrary file upload vulnerability in the picture upload point of "usersedit.php" file...
CVE-2022-30820
In Wedding Management v1.0, there is an arbitrary file upload vulnerability in the picture upload point of "usersedit.php" file...
Privilege escalation
In Wedding Management v1.0, there is an arbitrary file upload vulnerability in the picture upload point of "usersedit.php" file...
CVE-2022-30820
CVE-2022-30820 affects Wedding Management v1.0. The vulnerability is an arbitrary file upload at the picture upload point in users_edit.php, enabling upload of potentially malicious files. CVSS v3.1 base score is 8.8 (HIGH) with network access and no authentication, according to the NVD entry; CV...
CVE-2022-30829
Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\usersedit.php...
CVE-2022-30829
CVE-2022-30829 affects Wedding Management System v1.0. A SQL Injection vulnerability exists in admin/users_edit.php due to insufficient input validation, enabling potentially unauthorized access to or manipulation of database data (CVE details show high-severity impact with C/H/I/A = High). Publi...
Design/Logic Flaw
Kordil EDMS through 2.2.60rc3 allows stored XSS in usersedit.php, usersmanagementedit.php, and usermanagement.php...