Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the booking_id parameter at /admin/budget.php.
9.8CVSS
9.8AI Score
0.002EPSS
Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the booking parameter at /admin/client_assign.php.
8.8CVSS
9AI Score
0.001EPSS
Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/feature_edit.php.
7.2CVSS
7.2AI Score
0.001EPSS
Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/select.php.
8.8CVSS
8.9AI Score
0.001EPSS
Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /wedding_details.php.
9.8CVSS
9.8AI Score
0.002EPSS
Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the booking parameter at /admin/client_edit.php.
9.8CVSS
9.8AI Score
0.002EPSS
Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /package_detail.php.
9.8CVSS
9.8AI Score
0.002EPSS
Wedding Planner v1.0 was discovered to contain an arbitrary file upload vulnerability in the component /Wedding-Management-PHP/admin/photos_add.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
8.8CVSS
8.8AI Score
0.001EPSS
Wedding Planner v1.0 was discovered to contain an arbitrary file upload vulnerability in the component /admin/users_add.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
8.8CVSS
8.8AI Score
0.001EPSS
Wedding Planner v1.0 is vulnerable to arbitrary code execution via users_profile.php.
8.8CVSS
8.9AI Score
0.001EPSS
9.8CVSS
9.7AI Score
0.002EPSS
Wedding Planner v1.0 is vulnerable to Arbitrary code execution via package_edit.php.
8.8CVSS
8.8AI Score
0.001EPSS