Filtered by vendor Schools Alert Management Script Project Subscriptions
Filtered by product Schools Alert Management Script Subscriptions
Total 7 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2018-6860 1 Schools Alert Management Script Project 1 Schools Alert Management Script 2024-11-21 8.8 High
Arbitrary File Upload and Remote Code Execution exist in PHP Scripts Mall Schools Alert Management Script 2.0.2 via a profile picture.
CVE-2018-6859 1 Schools Alert Management Script Project 1 Schools Alert Management Script 2024-11-21 N/A
SQL Injection exists in PHP Scripts Mall Schools Alert Management Script 2.0.2 via the Login Parameter.
CVE-2018-12055 1 Schools Alert Management Script Project 1 Schools Alert Management Script 2024-11-21 N/A
Multiple SQL Injections exist in PHP Scripts Mall Schools Alert Management Script via crafted POST data in contact_us.php, faq.php, about.php, photo_gallery.php, privacy.php, and so on.
CVE-2018-12054 1 Schools Alert Management Script Project 1 Schools Alert Management Script 2024-11-21 N/A
Arbitrary File Read exists in PHP Scripts Mall Schools Alert Management Script via the f parameter in img.php, aka absolute path traversal.
CVE-2018-12053 1 Schools Alert Management Script Project 1 Schools Alert Management Script 2024-11-21 N/A
Arbitrary File Deletion exists in PHP Scripts Mall Schools Alert Management Script via the img parameter in delete_img.php by using directory traversal.
CVE-2018-12052 1 Schools Alert Management Script Project 1 Schools Alert Management Script 2024-11-21 N/A
SQL Injection exists in PHP Scripts Mall Schools Alert Management Script via the q Parameter in get_sec.php.
CVE-2018-12051 1 Schools Alert Management Script Project 1 Schools Alert Management Script 2024-11-21 N/A
Arbitrary File Upload and Remote Code Execution exist in PHP Scripts Mall Schools Alert Management Script via $_FILE in /webmasterst/general.php, as demonstrated by a .php file with the image/jpeg content type.