Vulnerabilities > Home Owners Collection Management System Project > Home Owners Collection Management System > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-05-11 CVE-2022-28077 Cross-site Scripting vulnerability in Home Owners Collection Management System Project Home Owners Collection Management System 1.0
Home Owners Collection Management v1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the Admin panel via the $_GET['s'] parameter.
4.3
2022-05-11 CVE-2022-28078 Cross-site Scripting vulnerability in Home Owners Collection Management System Project Home Owners Collection Management System 1.0
Home Owners Collection Management v1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the Admin panel via the $_GET['page'] parameter.
4.3
2022-03-02 CVE-2022-25115 Unrestricted Upload of File with Dangerous Type vulnerability in Home Owners Collection Management System Project Home Owners Collection Management System 1.0
A remote code execution (RCE) vulnerability in the Avatar parameter under /admin/?page=user/manage_user of Home Owners Collection Management System v1.0 allows attackers to execute arbitrary code via a crafted PNG file.
6.8
2022-02-28 CVE-2022-25028 Cross-site Scripting vulnerability in Home Owners Collection Management System Project Home Owners Collection Management System 1.0
Home Owners Collection Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the collected_by parameter under the List of Collections module.
4.3
2022-02-26 CVE-2022-25094 Unspecified vulnerability in Home Owners Collection Management System Project Home Owners Collection Management System 1.0
Home Owners Collection Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the parameter "cover" in SystemSettings.php.
6.5