Wedding Planner

wedding_planner

Vendor: Wedding Planner Project • 12 CVEs

CVEs (12)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-41539 1Wedding Planner Project 1Wedding Planner Jun 17, 2026 Oct 14, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Wedding Planner v1.0 was discovered to contain an arbitrary file upload vulnerability in the component /admin/users_add.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
CVE-2022-41538 1Wedding Planner Project 1Wedding Planner Jun 17, 2026 Oct 14, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Wedding Planner v1.0 was discovered to contain an arbitrary file upload vulnerability in the component /Wedding-Management-PHP/admin/photos_add.php. This vulnerability allows attackers to execute arbitrary code via a cra...Show more Wedding Planner v1.0 was discovered to contain an arbitrary file upload vulnerability in the component /Wedding-Management-PHP/admin/photos_add.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.Show less
CVE-2022-42229 1Wedding Planner Project 1Wedding Planner Jun 17, 2026 Oct 11, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Wedding Planner v1.0 is vulnerable to Arbitrary code execution via package_edit.php.
CVE-2022-42034 1Wedding Planner Project 1Wedding Planner Jun 17, 2026 Oct 11, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Wedding Planner v1.0 is vulnerable to arbitrary code execution via users_profile.php.
CVE-2022-42075 1Wedding Planner Project 1Wedding Planner Jun 17, 2026 Oct 7, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Wedding Planner v1.0 is vulnerable to arbitrary code execution.
CVE-2022-40485 1Wedding Planner Project 1Wedding Planner Jun 17, 2026 Sep 26, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /package_detail.php.
CVE-2022-40484 1Wedding Planner Project 1Wedding Planner Jun 17, 2026 Sep 26, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the booking parameter at /admin/client_edit.php.
CVE-2022-40483 1Wedding Planner Project 1Wedding Planner Jun 17, 2026 Sep 26, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /wedding_details.php.
CVE-2022-40404 1Wedding Planner Project 1Wedding Planner Jun 17, 2026 Sep 26, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/select.php.
CVE-2022-40403 1Wedding Planner Project 1Wedding Planner Jun 17, 2026 Sep 26, 2022 N/A· v4 7.2 HIGH· v3 N/A· v2 Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/feature_edit.php.
CVE-2022-40402 1Wedding Planner Project 1Wedding Planner Jun 17, 2026 Sep 26, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the booking parameter at /admin/client_assign.php.
CVE-2022-38509 1Wedding Planner Project 1Wedding Planner Jun 17, 2026 Sep 19, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the booking_id parameter at /admin/budget.php.