Kashipara

Online Notice Board System

4 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2023-50760

Exploit
  • EPSS 0.81%
  • Veröffentlicht 04.01.2024 15:15:09
  • Zuletzt bearbeitet 21.11.2024 08:37:15

Online Notice Board System v1.0 is vulnerable to an Insecure File Upload vulnerability on the 'f' parameter of user/update_profile_pic.php page, allowing an authenticated attacker to obtain Remote Code Execution on the server hosting the application....

9.8

CVE-2023-50743

Exploit
  • EPSS 0.07%
  • Veröffentlicht 04.01.2024 14:15:41
  • Zuletzt bearbeitet 21.11.2024 08:37:15

Online Notice Board System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'dd' parameter of the registration.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8

CVE-2023-50752

Exploit
  • EPSS 0.08%
  • Veröffentlicht 04.01.2024 14:15:41
  • Zuletzt bearbeitet 21.11.2024 08:37:15

Online Notice Board System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'e' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8

CVE-2023-50753

Exploit
  • EPSS 0.07%
  • Veröffentlicht 04.01.2024 14:15:41
  • Zuletzt bearbeitet 21.11.2024 08:37:15

Online Notice Board System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'dd' parameter of the user/update_profile.php resource does not validate the characters received and they are sent unfiltered to the database...