Schools Alert Management Script Security Vulnerabilities and Issues — Schools Alert Management Script CVE List

Lucene search

Schools Alert Management Script ProjectSchools Alert Management Script

7 matches found

CVE•added 2018/06/08 11:29 a.m.•62 views

CVE-2018-12054

Arbitrary File Read exists in PHP Scripts Mall Schools Alert Management Script via the f parameter in img.php, aka absolute path traversal.

7.5CVSS7.5AI score0.70831EPSS

CVE•added 2018/06/08 11:29 a.m.•54 views

CVE-2018-12055

Multiple SQL Injections exist in PHP Scripts Mall Schools Alert Management Script via crafted POST data in contact_us.php, faq.php, about.php, photo_gallery.php, privacy.php, and so on.

9.8CVSS9.7AI score0.02226EPSS

CVE•added 2018/06/08 11:29 a.m.•49 views

CVE-2018-12053

Arbitrary File Deletion exists in PHP Scripts Mall Schools Alert Management Script via the img parameter in delete_img.php by using directory traversal.

7.5CVSS7.5AI score0.43844EPSS

CVE•added 2018/06/08 11:29 a.m.•45 views

CVE-2018-12052

SQL Injection exists in PHP Scripts Mall Schools Alert Management Script via the q Parameter in get_sec.php.

9.8CVSS9.9AI score0.02226EPSS

CVE•added 2018/02/23 6:29 p.m.•34 views

CVE-2018-6859

SQL Injection exists in PHP Scripts Mall Schools Alert Management Script 2.0.2 via the Login Parameter.

9.8CVSS9.9AI score0.00602EPSS

CVE•added 2018/06/08 11:29 a.m.•32 views

CVE-2018-12051

Arbitrary File Upload and Remote Code Execution exist in PHP Scripts Mall Schools Alert Management Script via $_FILE in /webmasterst/general.php, as demonstrated by a .php file with the image/jpeg content type.

9.8CVSS9.6AI score0.02443EPSS

CVE•added 2018/02/12 3:29 a.m.•29 views

CVE-2018-6860

Arbitrary File Upload and Remote Code Execution exist in PHP Scripts Mall Schools Alert Management Script 2.0.2 via a profile picture.

8.8CVSS8.9AI score0.02295EPSS