Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
Alumni Management System ProjectAlumni Management System

3 matches found

CVE
CVEadded 2020/12/23 6:15 p.m.54 views

CVE-2020-28070

SourceCodester Alumni Management System 1.0 is affected by SQL injection causing arbitrary remote code execution from GET input in view_event.php via the 'id' parameter.

9.8CVSS9.9AI score0.09387EPSS
CVE
CVEadded 2020/12/23 6:15 p.m.38 views

CVE-2020-28071

SourceCodester Alumni Management System 1.0 is affected by cross-site Scripting (XSS) in /admin/gallery.php. After the admin authentication an attacker can upload an image in the gallery using a XSS payload in the description textarea called 'about' and reach a stored XSS.

4.8CVSS4.8AI score0.00288EPSS
CVE
CVEadded 2020/12/15 9:15 p.m.27 views

CVE-2020-28072

A Remote Code Execution vulnerability exists in DourceCodester Alumni Management System 1.0. An authenticated attacker can upload arbitrary file in the gallery.php page and executing it on the server reaching the RCE.

7.2CVSS7.2AI score0.02635EPSS