z1pwn/bug_report

Releases0

Stars1

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-39976 ↗	Oct 27, 2022Thursday, 27 October 2022, 20:15	9.8 CRITICAL	—
School Activity Updates with SMS Notification v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /modules/announcement/index.php?view=edit&id=.
CVE-2022-39977 ↗	Oct 27, 2022Thursday, 27 October 2022, 20:15	7.2 HIGH	—
Online Pet Shop We App v1.0 was discovered to contain an arbitrary file upload vulnerability via the Editing function in the User module. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file uploaded through the picture upload point.
CVE-2022-39978 ↗	Oct 27, 2022Thursday, 27 October 2022, 20:15	7.2 HIGH	—
Online Pet Shop We App v1.0 was discovered to contain an arbitrary file upload vulnerability via the Editing function in the Product List module. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file uploaded through the picture upload point.
CVE-2022-36657 ↗	Aug 30, 2022Tuesday, 30 August 2022, 21:15	4.8 MEDIUM	—
Library Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /librarian/edit_book_details.php.