Amss++ Security Vulnerabilities and Issues — Amss++ CVE List

Lucene search

Amss++ ProjectAmss++

9 matches found

CVE•added 2024/03/18 2:15 p.m.•55 views

CVE-2024-2588

Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/admin/index.php, in the 'id' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB.

8.2CVSS8.3AI score0.00048EPSS

CVE•added 2024/03/18 2:15 p.m.•51 views

CVE-2024-2591

Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/bookdetail_group.php, in multiple parameters. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB.

8.2CVSS8.3AI score0.00048EPSS

CVE•added 2024/03/18 2:15 p.m.•47 views

CVE-2024-2589

Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/bookdetail_school_person.php, in multiple parameters. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in th...

8.2CVSS8.4AI score0.00048EPSS

CVE•added 2024/03/18 2:15 p.m.•45 views

CVE-2024-2590

Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/mail/main/select_send.php, in the 'sd_index' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB.

8.2CVSS8.3AI score0.00048EPSS

CVE•added 2024/03/18 2:15 p.m.•45 views

CVE-2024-2592

Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/person/pic_show.php, in the 'person_id' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB.

8.2CVSS8.3AI score0.00048EPSS

CVE•added 2024/03/18 2:15 p.m.•43 views

CVE-2024-2584

Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/select_send.php, in the 'sd_index' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB.

8.2CVSS8.3AI score0.00047EPSS

CVE•added 2024/03/18 2:15 p.m.•41 views

CVE-2024-2585

Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/select_send_2.php, in the 'sd_index' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB.

8.2CVSS8.3AI score0.00048EPSS

CVE•added 2024/03/18 2:15 p.m.•40 views

CVE-2024-2586

Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/index.php, in the 'username' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB.

8.2CVSS8.3AI score0.00047EPSS

CVE•added 2024/03/18 2:15 p.m.•36 views

CVE-2024-2587

Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/bookdetail_khet_person.php, in multiple parameters. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the ...

8.2CVSS8.3AI score0.00048EPSS