Online Fire Reporting System Project Online Fire Reporting System — known CVE vulnerabilities
Every CVE whose affected-product data names Online Fire Reporting System Project Online Fire Reporting System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (15)
CVE-2022-31977 — CVSS 9.8 (critical): Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=delete_team.
CVE-2022-31978 — CVSS 9.8 (critical): Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=delete_inquiry.
CVE-2022-31976 — CVSS 9.8 (critical): Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=delete_request.
CVE-2022-31975 — CVSS 7.2 (high): Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=user/manage_user&id=.
CVE-2022-31980 — CVSS 7.2 (high): Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams/manage_team&id=.
CVE-2022-31982 — CVSS 7.2 (high): Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests/view_request&id=.
CVE-2022-31981 — CVSS 7.2 (high): Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams/view_team&id=.
CVE-2022-31983 — CVSS 7.2 (high): Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests/manage_request&id=.
CVE-2022-31984 — CVSS 7.2 (high): Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/requests/take_action.php?id=.
CVE-2022-31974 — CVSS 7.2 (high): Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=reports&date=.
CVE-2022-31415 — CVSS 6.5 (medium): Online Fire Reporting System v1.0 was discovered to contain a SQL injection vulnerability via the GET parameter in /report/list.php.
CVE-2022-31973 — CVSS 6.5 (medium): Online Fire Reporting System v1.0 is vulnerable to Delete any file via /ofrs/classes/Master.php?f=delete_img.
CVE-2022-34611 — CVSS 5.4 (medium): A cross-site scripting (XSS) vulnerability in /index.php/?p=report of Online Fire Reporting System v1.0 allows attackers to execute…
CVE-2022-31906 — CVSS 4.8 (medium): Online Fire Reporting System v1.0 is vulnerable to Cross Site Scripting (XSS) via /ofrs/classes/Master.php.