Vulnerabilities > Engineers Online Portal Project

DATE CVE VULNERABILITY TITLE RISK
2021-11-05 CVE-2021-42669 Unrestricted Upload of File with Dangerous Type vulnerability in Engineers Online Portal Project Engineers Online Portal
A file upload vulnerability exists in Sourcecodester Engineers Online Portal in PHP via dashboard_teacher.php, which allows changing the avatar through teacher_avatar.php.
network
low complexity
engineers-online-portal-project CWE-434
critical
 9.8
9.8
2021-11-05 CVE-2021-42670 SQL Injection vulnerability in Engineers Online Portal Project Engineers Online Portal
A SQL injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the id parameter to the announcements_student.php web page.
network
low complexity
engineers-online-portal-project CWE-89
critical
 9.8
9.8
2021-11-05 CVE-2021-42671 Forced Browsing vulnerability in Engineers Online Portal Project Engineers Online Portal
An incorrect access control vulnerability exists in Sourcecodester Engineers Online Portal in PHP in nia_munoz_monitoring_system/admin/uploads.
network
low complexity
engineers-online-portal-project CWE-425
7.5
7.5