Wedding Management System Project Wedding Management System — known CVE vulnerabilities
Every CVE whose affected-product data names Wedding Management System Project Wedding Management System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (20)
CVE-2022-29656 — CVSS 9.8 (critical): Wedding Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /Wedding-Management/package_d…
CVE-2022-30821 — CVSS 8.8 (high): In Wedding Management System v1.0, the editing function of the "Services" module in the background management system has an arbitrary file…
CVE-2022-30822 — CVSS 8.8 (high): In Wedding Management System v1.0, there is an arbitrary file upload vulnerability in the picture upload point of "users_profile.php" file.
CVE-2022-30819 — CVSS 8.8 (high): In Wedding Management System v1.0, there is an arbitrary file upload vulnerability in the picture upload point of "photos_edit.php" file.
CVE-2022-30820 — CVSS 8.8 (high): In Wedding Management v1.0, there is an arbitrary file upload vulnerability in the picture upload point of "users_edit.php" file.
CVE-2022-30831 — CVSS 7.2 (high): Wedding Management System v1.0 is vulnerable to SQL Injection via Wedding-Management/wedding_details.php.
CVE-2022-30832 — CVSS 7.2 (high): Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/client_assign.php?booking=31&user_id=.
CVE-2022-30833 — CVSS 7.2 (high): Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/client_edit.php?booking=31&user_id=.
CVE-2022-30834 — CVSS 7.2 (high): Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/client_manage_account_details.php?booking_id=31&…
CVE-2022-30835 — CVSS 7.2 (high): Wedding Management System v1.0 is vulnerable to SQL Injection. via /Wedding-Management/admin/budget.php?booking_id=.
CVE-2022-29655 — CVSS 7.2 (high): An arbitrary file upload vulnerability in the Upload Photos module of Wedding Management System v1.0 allows attackers to execute arbitrary…
CVE-2022-30836 — CVSS 7.2 (high): Wedding Management System v1.0 is vulnerable to SQL Injection. via Wedding-Management/admin/select.php.
CVE-2022-30818 — CVSS 7.2 (high): Wedding Management System v1.0 is vulnerable to SQL injection via /Wedding-Management/admin/blog_events_edit.php?id=31.
CVE-2022-30823 — CVSS 7.2 (high): Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\blog_events_edit.php.