Event Management System Project: >> Event Management System >> 1.0 Security Vulnerabilities
A vulnerability was found in SourceCodester Royale Event Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /royal_event/userregister.php. The manipulation leads to improper authentication. The attack may be initiated remotely. The identifier VDB-195785 was assigned to this vulnerability.
CVSS Score
7.3
EPSS Score
0.002
Published
2023-01-07
A vulnerability classified as problematic has been found in SourceCodester Royale Event Management System 1.0. Affected is an unknown function of the file /royal_event/companyprofile.php. The manipulation of the argument companyname/regno/companyaddress/companyemail leads to cross site scripting. It is possible to launch the attack remotely. VDB-195786 is the identifier assigned to this vulnerability.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-01-07
Event Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /Royal_Event/update_image.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
CVSS Score
7.2
EPSS Score
0.001
Published
2022-09-15
Royal Event Management System v1.0 was discovered to contain a SQL injection vulnerability via the todate parameter.
CVSS Score
8.8
EPSS Score
0.773
Published
2022-05-05