3 matches found
CVE-2022-41538
Wedding Planner v1.0 was discovered to contain an arbitrary file upload vulnerability in the component /Wedding-Management-PHP/admin/photosadd.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
PT-2022-25924 · Unknown · Wedding Planner
Name of the Vulnerable Software and Affected Versions: Wedding Planner version 1.0 Description: The issue is related to an arbitrary file upload vulnerability in the /Wedding-Management-PHP/admin/photos add.php component. This allows attackers to execute arbitrary code via a crafted PHP file...
PT-2022-26317 · Unknown · Wedding Planner
Name of the Vulnerable Software and Affected Versions: Wedding Planner version 1.0 Description: The issue allows for arbitrary code execution via the "package edit.php" endpoint. Recommendations: For version 1.0, update to a version that fixes this issue, if available, or consider disabling acces...