Aggregates CVE and security vulnerability intelligence across all event_management_system_project-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk sql injection and vendor risk cross-site scripting and related problems; some flaws may lead to vendor impact session compromise and vendor impact data exposure.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-1102 | A vulnerability classified as problematic has been found in SourceCodester Royale Event Management System 1.0. Affected is an unknown function of the file /royal_event/companyprofile.php. The manipulation of the argument companyname/regno/companyaddress/companyemail leads to cross site scripting. It is possible to launch the attack remotely. VDB-195786 is the identifier assigned to this vulnerability. | [email protected] | 4.3 | 0.30% | 2023-01-07 | 2024-11-21 |
| CVE-2022-1101 | A vulnerability was found in SourceCodester Royale Event Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /royal_event/userregister.php. The manipulation leads to improper authentication. The attack may be initiated remotely. The identifier VDB-195785 was assigned to this vulnerability. | [email protected] | 7.3 | 0.60% | 2023-01-07 | 2024-11-21 |
| CVE-2022-38323 | Event Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /Royal_Event/update_image.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file. | [email protected] | 7.2 | 0.99% | 2022-09-15 | 2024-11-21 |
| CVE-2022-28080 | Royal Event Management System v1.0 was discovered to contain a SQL injection vulnerability via the todate parameter. | [email protected] | 8.8 | 44.76% | 2022-05-05 | 2024-11-21 |