Online Notice Board System Security Vulnerabilities and Issues — Online Notice Board System CVE List

Lucene search

KashiparaOnline Notice Board System

5 matches found

CVE•added 2024/12/05 5:15 p.m.•49 views

CVE-2024-12233

A vulnerability was found in code-projects Online Notice Board up to 1.0 and classified as critical. This issue affects some unknown processing of the file /registration.php of the component Profile Picture Handler. The manipulation of the argument img leads to unrestricted upload. The attack may b...

9.8CVSS7.3AI score0.00045EPSS

CVE•added 2024/01/04 3:15 p.m.•32 views

CVE-2023-50760

Online Notice Board System v1.0 is vulnerable to an Insecure File Upload vulnerability on the 'f' parameter of user/update_profile_pic.php page, allowing an authenticated attacker to obtain Remote Code Execution on the server hosting the application.

8.8CVSS8.7AI score0.00805EPSS

CVE•added 2024/01/04 2:15 p.m.•29 views

CVE-2023-50752

Online Notice Board System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'e' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8CVSS9.8AI score0.00082EPSS

CVE•added 2024/01/04 2:15 p.m.•22 views

CVE-2023-50753

Online Notice Board System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'dd' parameter of the user/update_profile.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8CVSS9.8AI score0.00072EPSS

CVE•added 2024/01/04 2:15 p.m.•21 views

CVE-2023-50743

Online Notice Board System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'dd' parameter of the registration.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8CVSS9.8AI score0.00072EPSS