wedding_management_system_project 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
過去の問題は主に vendor risk sql injection などに関し、一部は vendor impact data exposure を招き、vendor surface production workloads and vendor surface software deployment 関連の場面に影響します。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2022-30836 | Wedding Management System v1.0 is vulnerable to SQL Injection. via Wedding-Management/admin/select.php. | [email protected] | 7.2 | 0.33% | 2022-06-02 | 2024-11-21 |
| CVE-2022-30835 | Wedding Management System v1.0 is vulnerable to SQL Injection. via /Wedding-Management/admin/budget.php?booking_id=. | [email protected] | 7.2 | 0.33% | 2022-06-02 | 2024-11-21 |
| CVE-2022-30834 | Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/client_manage_account_details.php?booking_id=31&user_id= | [email protected] | 7.2 | 0.30% | 2022-06-02 | 2024-11-21 |
| CVE-2022-30833 | Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/client_edit.php?booking=31&user_id=. | [email protected] | 7.2 | 0.30% | 2022-06-02 | 2024-11-21 |
| CVE-2022-30832 | Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/client_assign.php?booking=31&user_id=. | [email protected] | 7.2 | 0.30% | 2022-06-02 | 2024-11-21 |
| CVE-2022-30831 | Wedding Management System v1.0 is vulnerable to SQL Injection via Wedding-Management/wedding_details.php. | [email protected] | 7.2 | 0.30% | 2022-06-02 | 2024-11-21 |
| CVE-2022-30830 | Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\feature_edit.php. | [email protected] | 7.2 | 0.30% | 2022-06-02 | 2024-11-21 |
| CVE-2022-30829 | Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\users_edit.php. | [email protected] | 7.2 | 0.33% | 2022-06-02 | 2024-11-21 |
| CVE-2022-30828 | Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\photos_edit.php. | [email protected] | 7.2 | 0.27% | 2022-06-02 | 2024-11-21 |
| CVE-2022-30827 | Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\package_edit.php. | [email protected] | 7.2 | 0.27% | 2022-06-02 | 2024-11-21 |
| CVE-2022-30826 | Wedding Management System v1.0 is vulnerable to SQL Injection via admin\client_assign.php. | [email protected] | 7.2 | 0.27% | 2022-06-02 | 2024-11-21 |
| CVE-2022-30825 | Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\client_edit.php. | [email protected] | 7.2 | 0.27% | 2022-06-02 | 2024-11-21 |
| CVE-2022-30823 | Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\blog_events_edit.php. | [email protected] | 7.2 | 0.27% | 2022-06-02 | 2024-11-21 |
| CVE-2022-30822 | In Wedding Management System v1.0, there is an arbitrary file upload vulnerability in the picture upload point of "users_profile.php" file. | [email protected] | 8.8 | 0.40% | 2022-06-02 | 2024-11-21 |
| CVE-2022-30821 | In Wedding Management System v1.0, the editing function of the "Services" module in the background management system has an arbitrary file upload vulnerability in the picture upload point of "package_edit.php" file. | [email protected] | 8.8 | 0.40% | 2022-06-02 | 2024-11-21 |
| CVE-2022-30820 | In Wedding Management v1.0, there is an arbitrary file upload vulnerability in the picture upload point of "users_edit.php" file. | [email protected] | 8.8 | 0.41% | 2022-06-02 | 2024-11-21 |
| CVE-2022-30819 | In Wedding Management System v1.0, there is an arbitrary file upload vulnerability in the picture upload point of "photos_edit.php" file. | [email protected] | 8.8 | 0.41% | 2022-06-02 | 2024-11-21 |
| CVE-2022-30818 | Wedding Management System v1.0 is vulnerable to SQL injection via /Wedding-Management/admin/blog_events_edit.php?id=31. | [email protected] | 7.2 | 0.30% | 2022-06-02 | 2024-11-21 |
| CVE-2022-29656 | Wedding Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /Wedding-Management/package_detail.php. | [email protected] | 9.8 | 0.37% | 2022-05-11 | 2024-11-21 |
| CVE-2022-29655 | An arbitrary file upload vulnerability in the Upload Photos module of Wedding Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. | [email protected] | 7.2 | 0.99% | 2022-05-11 | 2024-11-21 |