Online Fire Reporting System Project: >> Online Fire Reporting System >> 1.0 Security Vulnerabilities
A cross-site scripting (XSS) vulnerability in /index.php/?p=report of Online Fire Reporting System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the "Contac #" text field.
CVSS Score
5.4
EPSS Score
0.001
Published
2022-07-27
Online Fire Reporting System 1.0 is vulnerable to SQL Injection via the date parameter.
CVSS Score
8.8
EPSS Score
0.011
Published
2022-07-26
Online Fire Reporting System v1.0 is vulnerable to Cross Site Scripting (XSS) via /ofrs/classes/Master.php.
CVSS Score
4.8
EPSS Score
0.001
Published
2022-06-16
Online Fire Reporting System v1.0 was discovered to contain a SQL injection vulnerability via the GET parameter in /report/list.php.
CVSS Score
6.5
EPSS Score
0.001
Published
2022-06-14
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams/manage_team&id=.
CVSS Score
7.2
EPSS Score
0.147
Published
2022-06-02
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams/view_team&id=.
CVSS Score
7.2
EPSS Score
0.147
Published
2022-06-02
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests/view_request&id=.
CVSS Score
7.2
EPSS Score
0.147
Published
2022-06-02
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests/manage_request&id=.
CVSS Score
7.2
EPSS Score
0.635
Published
2022-06-02
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/requests/take_action.php?id=.
CVSS Score
7.2
EPSS Score
0.125
Published
2022-06-02
Online Fire Reporting System v1.0 is vulnerable to Delete any file via /ofrs/classes/Master.php?f=delete_img.
CVSS Score
6.5
EPSS Score
0.004
Published
2022-06-02
Page 1