Wedding Management System Project: Security Vulnerabilities
In Wedding Management System v1.0, the editing function of the "Services" module in the background management system has an arbitrary file upload vulnerability in the picture upload point of "package_edit.php" file.
CVSS Score
8.8
EPSS Score
0.004
Published
2022-06-02
In Wedding Management System v1.0, there is an arbitrary file upload vulnerability in the picture upload point of "users_profile.php" file.
CVSS Score
8.8
EPSS Score
0.004
Published
2022-06-02
Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\blog_events_edit.php.
CVSS Score
7.2
EPSS Score
0.003
Published
2022-06-02
Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\client_edit.php.
CVSS Score
7.2
EPSS Score
0.003
Published
2022-06-02
Wedding Management System v1.0 is vulnerable to SQL Injection via admin\client_assign.php.
CVSS Score
7.2
EPSS Score
0.003
Published
2022-06-02
Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\package_edit.php.
CVSS Score
7.2
EPSS Score
0.003
Published
2022-06-02
Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\photos_edit.php.
CVSS Score
7.2
EPSS Score
0.003
Published
2022-06-02
Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\users_edit.php.
CVSS Score
7.2
EPSS Score
0.003
Published
2022-06-02
An arbitrary file upload vulnerability in the Upload Photos module of Wedding Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.
CVSS Score
7.2
EPSS Score
0.009
Published
2022-05-11
Wedding Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /Wedding-Management/package_detail.php.
CVSS Score
9.8
EPSS Score
0.006
Published
2022-05-11