Vulnerabilities > Home Owners Collection Management System Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-02 | CVE-2024-6439 | Unrestricted Upload of File with Dangerous Type vulnerability in Home Owners Collection Management System Project Home Owners Collection Management System 1.0 A vulnerability was found in SourceCodester Home Owners Collection Management System 1.0 and classified as critical. | 9.8 |
| 2024-07-02 | CVE-2024-6440 | SQL Injection vulnerability in Home Owners Collection Management System Project Home Owners Collection Management System 1.0 A vulnerability was found in SourceCodester Home Owners Collection Management System 1.0. | 9.8 |
| 2022-05-11 | CVE-2022-28077 | Cross-site Scripting vulnerability in Home Owners Collection Management System Project Home Owners Collection Management System 1.0 Home Owners Collection Management v1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the Admin panel via the $_GET['s'] parameter. | 6.1 |
| 2022-05-11 | CVE-2022-28078 | Cross-site Scripting vulnerability in Home Owners Collection Management System Project Home Owners Collection Management System 1.0 Home Owners Collection Management v1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the Admin panel via the $_GET['page'] parameter. | 6.1 |
| 2022-04-21 | CVE-2022-28414 | SQL Injection vulnerability in Home Owners Collection Management System Project Home Owners Collection Management System 1.0 Home Owners Collection Management System v1.0 was discovered to contain a SQL injection vulnerability via /hocms/classes/Master.php?f=delete_member. | 9.8 |
| 2022-04-21 | CVE-2022-28415 | SQL Injection vulnerability in Home Owners Collection Management System Project Home Owners Collection Management System 1.0 Home Owners Collection Management System v1.0 was discovered to contain a SQL injection vulnerability via /hocms/classes/Master.php?f=delete_collection. | 9.8 |
| 2022-04-21 | CVE-2022-28416 | SQL Injection vulnerability in Home Owners Collection Management System Project Home Owners Collection Management System 1.0 Home Owners Collection Management System v1.0 was discovered to contain a SQL injection vulnerability via /hocms/classes/Master.php?f=delete_phase. | 9.8 |
| 2022-04-21 | CVE-2022-28417 | SQL Injection vulnerability in Home Owners Collection Management System Project Home Owners Collection Management System 1.0 Home Owners Collection Management System v1.0 was discovered to contain a SQL injection vulnerability via /hocms/classes/Master.php?f=delete_phase. | 9.8 |
| 2022-03-02 | CVE-2022-25115 | Unrestricted Upload of File with Dangerous Type vulnerability in Home Owners Collection Management System Project Home Owners Collection Management System 1.0 A remote code execution (RCE) vulnerability in the Avatar parameter under /admin/?page=user/manage_user of Home Owners Collection Management System v1.0 allows attackers to execute arbitrary code via a crafted PNG file. | 7.8 |
| 2022-03-02 | CVE-2022-25045 | Use of Hard-coded Credentials vulnerability in Home Owners Collection Management System Project Home Owners Collection Management System 1.0 Home Owners Collection Management System v1.0 was discovered to contain hardcoded credentials which allows attackers to escalate privileges and access the admin panel. | 9.8 |