kaliankhe/CVE-Aslam-mahi

Releases0

Stars1

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-36597 ↗	Jun 14, 2024Friday, 14 June 2024, 18:15	8.8 HIGH	—
Aegon Life v1.0 was discovered to contain a SQL injection vulnerability via the client_id parameter at clientStatus.php.
CVE-2024-36598 ↗	Jun 14, 2024Friday, 14 June 2024, 18:15	8.1 HIGH	—
An arbitrary file upload vulnerability in Aegon Life v1.0 allows attackers to execute arbitrary code via uploading a crafted image file.
CVE-2024-36599 ↗	Jun 14, 2024Friday, 14 June 2024, 18:15	6.1 MEDIUM	—
A cross-site scripting (XSS) vulnerability in Aegon Life v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter at insertClient.php.