2 matches found
CVE-2022-45526
CVE-2022-45526 affects Future-Depth Institutional Management Website (IMS) 1.0. The vulnerability is a SQL injection in /admin_area/login_transfer.php via the ad parameter, enabling arbitrary commands. CVSS v3.1 base score is 9.8 (CRITICAL) with network attack vector, low complexity, no privilege...
CVE-2022-45527
CVE-2022-45527 affects Future-Depth Institutional Management Website (IMS) 1.0. The vulnerability is an unauthenticated file upload flaw that allows direct uploads to the courseimg directory, enabling attackers to place malicious files. CVSSv3.1 metrics indicate a critical impact (CVSS:3.1/AV:N/A...