Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-02	CVE-2022-24240	SQL Injection vulnerability in Aceware Aceweb Online Portal 3.5.065 ACEweb Online Portal 3.5.065 was discovered to contain a SQL injection vulnerability via the criteria parameter in showschedule.awp. network low complexity aceware CWE-89 critical	9.8
2022-06-02	CVE-2022-24239	Unrestricted Upload of File with Dangerous Type vulnerability in Aceware Aceweb Online Portal 3.5.065 ACEweb Online Portal 3.5.065 was discovered to contain an unrestricted file upload vulnerability via attachments.awp. network low complexity aceware CWE-434 critical	9.8