Show filters
12 Total Results
Displaying 1-10 of 12
Sort by:
Attacker Value
Unknown

CVE-2022-41539

Disclosure Date: October 14, 2022 (last updated February 24, 2025)
Wedding Planner v1.0 was discovered to contain an arbitrary file upload vulnerability in the component /admin/users_add.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-41538

Disclosure Date: October 14, 2022 (last updated February 24, 2025)
Wedding Planner v1.0 was discovered to contain an arbitrary file upload vulnerability in the component /Wedding-Management-PHP/admin/photos_add.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-42229

Disclosure Date: October 11, 2022 (last updated February 24, 2025)
Wedding Planner v1.0 is vulnerable to Arbitrary code execution via package_edit.php.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-42034

Disclosure Date: October 11, 2022 (last updated February 24, 2025)
Wedding Planner v1.0 is vulnerable to arbitrary code execution via users_profile.php.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-42075

Disclosure Date: October 07, 2022 (last updated December 22, 2024)
Wedding Planner v1.0 is vulnerable to arbitrary code execution.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-40485

Disclosure Date: September 26, 2022 (last updated February 24, 2025)
Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /package_detail.php.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-40484

Disclosure Date: September 26, 2022 (last updated February 24, 2025)
Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the booking parameter at /admin/client_edit.php.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-40483

Disclosure Date: September 26, 2022 (last updated February 24, 2025)
Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /wedding_details.php.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-40404

Disclosure Date: September 26, 2022 (last updated February 24, 2025)
Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/select.php.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-40403

Disclosure Date: September 26, 2022 (last updated February 24, 2025)
Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/feature_edit.php.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
View More Topics  Next >