Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Event Management System Project Subscribe
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-1102 1 Event Management System Project 1 Event Management System 2023-01-12 N/A 6.1 MEDIUM
A vulnerability classified as problematic has been found in SourceCodester Royale Event Management System 1.0. Affected is an unknown function of the file /royal_event/companyprofile.php. The manipulation of the argument companyname/regno/companyaddress/companyemail leads to cross site scripting. It is possible to launch the attack remotely. VDB-195786 is the identifier assigned to this vulnerability.
CVE-2022-1101 1 Event Management System Project 1 Event Management System 2023-01-12 N/A 9.8 CRITICAL
A vulnerability was found in SourceCodester Royale Event Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /royal_event/userregister.php. The manipulation leads to improper authentication. The attack may be initiated remotely. The identifier VDB-195785 was assigned to this vulnerability.
CVE-2022-38323 1 Event Management System Project 1 Event Management System 2022-09-16 N/A 7.2 HIGH
Event Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /Royal_Event/update_image.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
CVE-2022-28080 1 Event Management System Project 1 Event Management System 2022-05-12 6.5 MEDIUM 8.8 HIGH
Royal Event Management System v1.0 was discovered to contain a SQL injection vulnerability via the todate parameter.