Vulnerabilities > Alumni Management System Project

DATE CVE VULNERABILITY TITLE RISK
2021-07-22 CVE-2021-25210 Unrestricted Upload of File with Dangerous Type vulnerability in Alumni Management System Project Alumni Management System 1.0
Arbitrary file upload vulnerability in SourceCodester Alumni Management System v 1.0 allows attackers to execute arbitrary code, via the file upload to manage_event.php.
network
low complexity
alumni-management-system-project CWE-434
critical
9.8
2021-07-22 CVE-2021-25212 SQL Injection vulnerability in Alumni Management System Project Alumni Management System 1.0
SQL injection vulnerability in SourceCodester Alumni Management System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to manage_event.php.
network
low complexity
alumni-management-system-project CWE-89
critical
9.8
2021-06-15 CVE-2020-29214 SQL Injection vulnerability in Alumni Management System Project Alumni Management System 1.0
SQL injection vulnerability in SourceCodester Alumni Management System 1.0 allows the user to inject SQL payload to bypass the authentication via admin/login.php.
network
low complexity
alumni-management-system-project CWE-89
critical
9.8
2020-12-23 CVE-2020-28071 Cross-site Scripting vulnerability in Alumni Management System Project Alumni Management System 1.0
SourceCodester Alumni Management System 1.0 is affected by cross-site Scripting (XSS) in /admin/gallery.php.
network
low complexity
alumni-management-system-project CWE-79
4.8
2020-12-23 CVE-2020-28070 SQL Injection vulnerability in Alumni Management System Project Alumni Management System 1.0
SourceCodester Alumni Management System 1.0 is affected by SQL injection causing arbitrary remote code execution from GET input in view_event.php via the 'id' parameter.
network
low complexity
alumni-management-system-project CWE-89
critical
9.8
2020-12-15 CVE-2020-28072 Unrestricted Upload of File with Dangerous Type vulnerability in Alumni Management System Project Alumni Management System 1.0
A Remote Code Execution vulnerability exists in DourceCodester Alumni Management System 1.0.
network
low complexity
alumni-management-system-project CWE-434
7.2