Schools Alert Management Script Project: >> Schools Alert Management Script Security Vulnerabilities
Multiple SQL Injections exist in PHP Scripts Mall Schools Alert Management Script via crafted POST data in contact_us.php, faq.php, about.php, photo_gallery.php, privacy.php, and so on.
CVSS Score
9.8
EPSS Score
0.022
Published
2018-06-08
Arbitrary File Upload and Remote Code Execution exist in PHP Scripts Mall Schools Alert Management Script via $_FILE in /webmasterst/general.php, as demonstrated by a .php file with the image/jpeg content type.
CVSS Score
9.8
EPSS Score
0.024
Published
2018-06-08
SQL Injection exists in PHP Scripts Mall Schools Alert Management Script via the q Parameter in get_sec.php.
CVSS Score
9.8
EPSS Score
0.022
Published
2018-06-08
Arbitrary File Deletion exists in PHP Scripts Mall Schools Alert Management Script via the img parameter in delete_img.php by using directory traversal.
CVSS Score
7.5
EPSS Score
0.438
Published
2018-06-08
Arbitrary File Read exists in PHP Scripts Mall Schools Alert Management Script via the f parameter in img.php, aka absolute path traversal.
CVSS Score
7.5
EPSS Score
0.708
Published
2018-06-08
SQL Injection exists in PHP Scripts Mall Schools Alert Management Script 2.0.2 via the Login Parameter.
CVSS Score
9.8
EPSS Score
0.006
Published
2018-02-23
Arbitrary File Upload and Remote Code Execution exist in PHP Scripts Mall Schools Alert Management Script 2.0.2 via a profile picture.
CVSS Score
8.8
EPSS Score
0.023
Published
2018-02-12