Vulnerabilities > Online Fire Reporting System Project > Online Fire Reporting System
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-27 | CVE-2022-34611 | Cross-site Scripting vulnerability in Online Fire Reporting System Project Online Fire Reporting System 1.0 A cross-site scripting (XSS) vulnerability in /index.php/?p=report of Online Fire Reporting System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the "Contac #" text field. | 5.4 |
| 2022-07-26 | CVE-2022-31879 | SQL Injection vulnerability in Online Fire Reporting System Project Online Fire Reporting System 1.0 Online Fire Reporting System 1.0 is vulnerable to SQL Injection via the date parameter. | 8.8 |
| 2022-06-16 | CVE-2022-31906 | Cross-site Scripting vulnerability in Online Fire Reporting System Project Online Fire Reporting System 1.0 Online Fire Reporting System v1.0 is vulnerable to Cross Site Scripting (XSS) via /ofrs/classes/Master.php. | 4.8 |
| 2022-06-14 | CVE-2022-31415 | SQL Injection vulnerability in Online Fire Reporting System Project Online Fire Reporting System 1.0 Online Fire Reporting System v1.0 was discovered to contain a SQL injection vulnerability via the GET parameter in /report/list.php. | 6.5 |
| 2022-06-02 | CVE-2022-31980 | SQL Injection vulnerability in Online Fire Reporting System Project Online Fire Reporting System 1.0 Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams/manage_team&id=. | 7.2 |
| 2022-06-02 | CVE-2022-31981 | SQL Injection vulnerability in Online Fire Reporting System Project Online Fire Reporting System 1.0 Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams/view_team&id=. | 7.2 |
| 2022-06-02 | CVE-2022-31982 | SQL Injection vulnerability in Online Fire Reporting System Project Online Fire Reporting System 1.0 Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests/view_request&id=. | 7.2 |
| 2022-06-02 | CVE-2022-31983 | SQL Injection vulnerability in Online Fire Reporting System Project Online Fire Reporting System 1.0 Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests/manage_request&id=. | 7.2 |
| 2022-06-02 | CVE-2022-31984 | SQL Injection vulnerability in Online Fire Reporting System Project Online Fire Reporting System 1.0 Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/requests/take_action.php?id=. | 7.2 |
| 2022-06-02 | CVE-2022-31973 | Unspecified vulnerability in Online Fire Reporting System Project Online Fire Reporting System 1.0 Online Fire Reporting System v1.0 is vulnerable to Delete any file via /ofrs/classes/Master.php?f=delete_img. | 6.5 |