Skip to main content

Alumni Management System

5 CVEs product

Monthly

CVE-2021-25212 CRITICAL POC Act Now

SQL injection vulnerability in SourceCodester Alumni Management System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to manage_event.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Alumni Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2021-25210 CRITICAL Act Now

Arbitrary file upload vulnerability in SourceCodester Alumni Management System v 1.0 allows attackers to execute arbitrary code, via the file upload to manage_event.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE PHP File Upload Alumni Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2020-28071 MEDIUM POC This Month

SourceCodester Alumni Management System 1.0 is affected by cross-site Scripting (XSS) in /admin/gallery.php. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Alumni Management System
NVD
CVSS 3.1
4.8
EPSS
0.6%
CVE-2020-28070 CRITICAL POC THREAT Act Now

SourceCodester Alumni Management System 1.0 is affected by SQL injection causing arbitrary remote code execution from GET input in view_event.php via the 'id' parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE SQLi PHP Alumni Management System
NVD
CVSS 3.1
9.8
EPSS
22.9%
CVE-2020-28072 HIGH POC This Week

A Remote Code Execution vulnerability exists in DourceCodester Alumni Management System 1.0. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload RCE PHP Alumni Management System
NVD
CVSS 3.1
7.2
EPSS
2.6%
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

SQL injection vulnerability in SourceCodester Alumni Management System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to manage_event.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Alumni Management System
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

Arbitrary file upload vulnerability in SourceCodester Alumni Management System v 1.0 allows attackers to execute arbitrary code, via the file upload to manage_event.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE PHP File Upload +1
NVD GitHub
EPSS 1% CVSS 4.8
MEDIUM POC This Month

SourceCodester Alumni Management System 1.0 is affected by cross-site Scripting (XSS) in /admin/gallery.php. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Alumni Management System
NVD
EPSS 23% CVSS 9.8
CRITICAL POC THREAT Act Now

SourceCodester Alumni Management System 1.0 is affected by SQL injection causing arbitrary remote code execution from GET input in view_event.php via the 'id' parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE SQLi PHP +1
NVD
EPSS 3% CVSS 7.2
HIGH POC This Week

A Remote Code Execution vulnerability exists in DourceCodester Alumni Management System 1.0. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload RCE PHP +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy