Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Schools Alert Management Script Project Subscribe
Filtered by product Schools Alert Management Script
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-6860 1 Schools Alert Management Script Project 1 Schools Alert Management Script 2020-03-11 6.5 MEDIUM 8.8 HIGH
Arbitrary File Upload and Remote Code Execution exist in PHP Scripts Mall Schools Alert Management Script 2.0.2 via a profile picture.
CVE-2018-12051 1 Schools Alert Management Script Project 1 Schools Alert Management Script 2018-07-17 7.5 HIGH 9.8 CRITICAL
Arbitrary File Upload and Remote Code Execution exist in PHP Scripts Mall Schools Alert Management Script via $_FILE in /webmasterst/general.php, as demonstrated by a .php file with the image/jpeg content type.
CVE-2018-12052 1 Schools Alert Management Script Project 1 Schools Alert Management Script 2018-07-17 7.5 HIGH 9.8 CRITICAL
SQL Injection exists in PHP Scripts Mall Schools Alert Management Script via the q Parameter in get_sec.php.
CVE-2018-12053 1 Schools Alert Management Script Project 1 Schools Alert Management Script 2018-07-17 6.4 MEDIUM 7.5 HIGH
Arbitrary File Deletion exists in PHP Scripts Mall Schools Alert Management Script via the img parameter in delete_img.php by using directory traversal.
CVE-2018-12054 1 Schools Alert Management Script Project 1 Schools Alert Management Script 2018-07-17 5.0 MEDIUM 7.5 HIGH
Arbitrary File Read exists in PHP Scripts Mall Schools Alert Management Script via the f parameter in img.php, aka absolute path traversal.
CVE-2018-12055 1 Schools Alert Management Script Project 1 Schools Alert Management Script 2018-07-17 7.5 HIGH 9.8 CRITICAL
Multiple SQL Injections exist in PHP Scripts Mall Schools Alert Management Script via crafted POST data in contact_us.php, faq.php, about.php, photo_gallery.php, privacy.php, and so on.
CVE-2018-6859 1 Schools Alert Management Script Project 1 Schools Alert Management Script 2018-03-12 7.5 HIGH 9.8 CRITICAL
SQL Injection exists in PHP Scripts Mall Schools Alert Management Script 2.0.2 via the Login Parameter.