xuewawa/bug_report

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-41533 ↗	Oct 13, 2022Thursday, 13 October 2022, 21:15	7.2 HIGH	—
Online Diagnostic Lab Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /php_action/editProductImage.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
CVE-2022-41534 ↗	Oct 13, 2022Thursday, 13 October 2022, 21:15	7.2 HIGH	—
Online Diagnostic Lab Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /php_action/createOrder.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.