Vulnerabilities (CVE)

Filtered by vendor School Event Management System Project Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-18793 1 School Event Management System Project 1 School Event Management System 2024-02-28 7.5 HIGH 9.8 CRITICAL
School Event Management System 1.0 allows Arbitrary File Upload via event/controller.php?action=photos.
CVE-2018-18795 1 School Event Management System Project 1 School Event Management System 2024-02-28 7.5 HIGH 9.8 CRITICAL
School Event Management System 1.0 has SQL Injection via the student/index.php or event/index.php id parameter.
CVE-2018-18794 1 School Event Management System Project 1 School Event Management System 2024-02-28 6.8 MEDIUM 8.8 HIGH
School Event Management System 1.0 allows CSRF via user/controller.php?action=edit.