Vulnerabilities > Nosh Chartingsystem Project > Nosh Chartingsystem

DATE CVE VULNERABILITY TITLE RISK
2023-02-01 CVE-2023-24610 Unrestricted Upload of File with Dangerous Type vulnerability in Nosh Chartingsystem Project Nosh Chartingsystem 20210313
NOSH 4a5cfdb allows remote authenticated users to execute PHP arbitrary code via the "practice logo" upload feature.
network
low complexity
nosh-chartingsystem-project CWE-434
8.8
8.8
2023-01-29 CVE-2023-24065 Cross-site Scripting vulnerability in Nosh Chartingsystem Project Nosh Chartingsystem
NOSH 4a5cfdb allows stored XSS via the create user page.
network
low complexity
nosh-chartingsystem-project CWE-79
5.4
5.4