Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown

CVE-2018-18795

Disclosure Date: November 16, 2018 (last updated November 27, 2024)
School Event Management System 1.0 has SQL Injection via the student/index.php or event/index.php id parameter.
0
0
Attacker Value
Unknown

CVE-2018-18794

Disclosure Date: November 16, 2018 (last updated November 27, 2024)
School Event Management System 1.0 allows CSRF via user/controller.php?action=edit.
0
0
Attacker Value
Unknown

CVE-2018-18793

Disclosure Date: November 16, 2018 (last updated November 27, 2024)
School Event Management System 1.0 allows Arbitrary File Upload via event/controller.php?action=photos.
0
0