Filtered by vendor Kashipara
Subscriptions
Filtered by product Online Notice Board System
Subscriptions
Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-12233 | 2 Fabianros, Kashipara | 2 Online Notice Board, Online Notice Board System | 2024-12-11 | 7.3 High |
A vulnerability was found in code-projects Online Notice Board up to 1.0 and classified as critical. This issue affects some unknown processing of the file /registration.php of the component Profile Picture Handler. The manipulation of the argument img leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
CVE-2023-50760 | 1 Kashipara | 1 Online Notice Board System | 2024-11-21 | 8.8 High |
Online Notice Board System v1.0 is vulnerable to an Insecure File Upload vulnerability on the 'f' parameter of user/update_profile_pic.php page, allowing an authenticated attacker to obtain Remote Code Execution on the server hosting the application. | ||||
CVE-2023-50753 | 1 Kashipara | 1 Online Notice Board System | 2024-11-21 | 9.8 Critical |
Online Notice Board System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'dd' parameter of the user/update_profile.php resource does not validate the characters received and they are sent unfiltered to the database. | ||||
CVE-2023-50752 | 1 Kashipara | 1 Online Notice Board System | 2024-11-21 | 9.8 Critical |
Online Notice Board System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'e' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database. | ||||
CVE-2023-50743 | 1 Kashipara | 1 Online Notice Board System | 2024-11-21 | 9.8 Critical |
Online Notice Board System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'dd' parameter of the registration.php resource does not validate the characters received and they are sent unfiltered to the database. |
Page 1 of 1.