School Event Management System 1.0 allows Arbitrary File Upload via event/controller.php?action=photos.
9.8CVSS
9.4AI Score
0.062EPSS
School Event Management System 1.0 allows CSRF via user/controller.php?action=edit.
8.8CVSS
8.7AI Score
0.002EPSS
School Event Management System 1.0 has SQL Injection via the student/index.php or event/index.php id parameter.
9.8CVSS
9.9AI Score
0.002EPSS