Every CVE whose affected-product data names Amss++ Project Amss++, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (16)
CVE-2024-2599 — CVSS 9.9 (critical): File upload restriction evasion vulnerability in AMSS++ version 4.31. This vulnerability could allow an authenticated user to potentially…
CVE-2024-2585 — CVSS 8.2 (high): Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/select_send_2.php, in the 'sd_index'…
CVE-2024-2586 — CVSS 8.2 (high): Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/index.php, in the 'username' parameter. This vulnerability…
CVE-2024-2587 — CVSS 8.2 (high): Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/bookdetail_khet_person.php, in multiple…
CVE-2024-2588 — CVSS 8.2 (high): Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/admin/index.php, in the 'id' parameter. This vulnerability…
CVE-2024-2589 — CVSS 8.2 (high): Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/bookdetail_school_person.php, in…
CVE-2024-2590 — CVSS 8.2 (high): Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/mail/main/select_send.php, in the 'sd_index'…
CVE-2024-2591 — CVSS 8.2 (high): Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/bookdetail_group.php, in multiple…
CVE-2024-2584 — CVSS 8.2 (high): Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/select_send.php, in the 'sd_index'…
CVE-2024-2592 — CVSS 8.2 (high): Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/person/pic_show.php, in the 'person_id' parameter…
CVE-2024-2594 — CVSS 7.1 (high): Vulnerability in AMSS++ version 4.31, which does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting (XSS)…
CVE-2024-2595 — CVSS 7.1 (high): Vulnerability in AMSS++ version 4.31, which does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting (XSS)…
CVE-2024-2596 — CVSS 7.1 (high): Vulnerability in AMSS++ version 4.31, which does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting (XSS)…
CVE-2024-2597 — CVSS 7.1 (high): Vulnerability in AMSS++ version 4.31, which does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting (XSS)…
CVE-2024-2598 — CVSS 7.1 (high): Vulnerability in AMSS++ version 4.31, which does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting (XSS)…
CVE-2024-2593 — CVSS 7.1 (high): Vulnerability in AMSS++ version 4.31, which does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting (XSS)…