VYPR
Vendor

Online Notice Board System

Products
1
CVEs
4
Across products
4
Status
Private

Products

1

Recent CVEs

4
  • CVE-2023-50753CriJan 4, 2024
    risk 0.64cvss 9.8epss 0.01

    Online Notice Board System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'dd' parameter of the user/update_profile.php resource does not validate the characters received and they are sent unfiltered to the database.

  • CVE-2023-50752CriJan 4, 2024
    risk 0.64cvss 9.8epss 0.01

    Online Notice Board System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'e' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database.

  • CVE-2023-50743CriJan 4, 2024
    risk 0.64cvss 9.8epss 0.01

    Online Notice Board System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'dd' parameter of the registration.php resource does not validate the characters received and they are sent unfiltered to the database.

  • CVE-2023-50760HigJan 4, 2024
    risk 0.57cvss 8.8epss 0.01

    Online Notice Board System v1.0 is vulnerable to an Insecure File Upload vulnerability on the 'f' parameter of user/update_profile_pic.php page, allowing an authenticated attacker to obtain Remote Code Execution on the server hosting the application.