Vulnerabilities > Kashipara > Online Notice Board System

DATE CVE VULNERABILITY TITLE RISK
2024-01-04 CVE-2023-50760 Unrestricted Upload of File with Dangerous Type vulnerability in Kashipara Online Notice Board System 1.0
Online Notice Board System v1.0 is vulnerable to an Insecure File Upload vulnerability on the 'f' parameter of user/update_profile_pic.php page, allowing an authenticated attacker to obtain Remote Code Execution on the server hosting the application.
network
low complexity
kashipara CWE-434
8.8
8.8
2024-01-04 CVE-2023-50743 SQL Injection vulnerability in Kashipara Online Notice Board System 1.0
Online Notice Board System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities.
network
low complexity
kashipara CWE-89
critical
 9.8
9.8
2024-01-04 CVE-2023-50752 SQL Injection vulnerability in Kashipara Online Notice Board System 1.0
Online Notice Board System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities.
network
low complexity
kashipara CWE-89
critical
 9.8
9.8
2024-01-04 CVE-2023-50753 SQL Injection vulnerability in Kashipara Online Notice Board System 1.0
Online Notice Board System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities.
network
low complexity
kashipara CWE-89
critical
 9.8
9.8