CVEs (5)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Codeastro 1Complaint Management System Apr 18, 2025 Feb 6, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Incorrect access control in the endpoint /admin/m_delete.php of CodeAstro Complaint Management System v1.0 allows unauthorized attackers to arbitrarily delete complaints via modification of the id parameter. |
1Codeastro 1Complaint Management System Apr 3, 2025 Jan 3, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue in CodeAstro Complaint Management System v.1.0 allows a remote attacker to escalate privileges via the delete_e.php component. |
1Codeastro 1Complaint Management System Apr 3, 2025 Dec 20, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 SQL injection vulnerability in CodeAstro Complaint Management System v.1.0 allows a remote attacker to execute arbitrary code and escalate privileges via the id parameter of the delete.php component. |
1Codeastro 1Complaint Management System Apr 3, 2025 Dec 18, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 An IDOR vulnerability in CodeAstro's Complaint Management System v1.0 (version with 0 updates) enables an attacker to execute arbitrary code and obtain sensitive information via the delete.php file and modifying the id p...Show more |
1Codeastro 1Complaint Management System Apr 17, 2025 Dec 18, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 An issue in CodeAstro Complaint Management System v.1.0 allows a remote attacker to escalate privileges via the mess-view.php component. |