Vulnerabilities > Angeljudesuarez > Event Management System
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-05 | CVE-2024-44727 | SQL Injection vulnerability in Angeljudesuarez Event Management System 1.0 Sourcecodehero Event Management System1.0 is vulnerable to SQL Injection via the parameter 'username' in /event/admin/login.php. | 9.8 |
| 2024-09-05 | CVE-2024-44728 | Cross-site Scripting vulnerability in Angeljudesuarez Event Management System 1.0 Sourcecodehero Event Management System 1.0 allows Stored Cross-Site Scripting via parameters Full Name, Address, Email, and contact# in /clientdetails/admin/regester.php. | 6.1 |