Vulnerabilities > Intern Record System Project

DATE CVE VULNERABILITY TITLE RISK
2023-02-18 CVE-2022-40348 Cross-site Scripting vulnerability in Intern Record System Project Intern Record System 1.0
Cross Site Scripting (XSS) vulnerability in Intern Record System version 1.0 in /intern/controller.php in 'name' and 'email' parameters, allows attackers to execute arbitrary code.
network
low complexity
intern-record-system-project CWE-79
5.4
2023-02-17 CVE-2022-40347 SQL Injection vulnerability in Intern Record System Project Intern Record System 1.0
SQL Injection vulnerability in Intern Record System version 1.0 in /intern/controller.php in 'phone', 'email', 'deptType' and 'name' parameters, allows attackers to execute arbitrary code and gain sensitive information.
network
low complexity
intern-record-system-project CWE-89
critical
9.8