Vulnerabilities (CVE)

  1. Yack CVE
  2. Vulnerabilities (CVE)
Filtered by vendor Online Fire Reporting System Project
Filtered by product Online Fire Reporting System
Angry Yack Logo
Total 15 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-34611 1 Online Fire Reporting System Project 1 Online Fire Reporting System 2024-11-21 N/A 5.4 MEDIUM
A cross-site scripting (XSS) vulnerability in /index.php/?p=report of Online Fire Reporting System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the "Contac #" text field.
CVE-2022-31984 1 Online Fire Reporting System Project 1 Online Fire Reporting System 2024-11-21 6.5 MEDIUM 7.2 HIGH
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/requests/take_action.php?id=.
CVE-2022-31983 1 Online Fire Reporting System Project 1 Online Fire Reporting System 2024-11-21 6.5 MEDIUM 7.2 HIGH
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests/manage_request&id=.
CVE-2022-31982 1 Online Fire Reporting System Project 1 Online Fire Reporting System 2024-11-21 6.5 MEDIUM 7.2 HIGH
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests/view_request&id=.
CVE-2022-31981 1 Online Fire Reporting System Project 1 Online Fire Reporting System 2024-11-21 6.5 MEDIUM 7.2 HIGH
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams/view_team&id=.
CVE-2022-31980 1 Online Fire Reporting System Project 1 Online Fire Reporting System 2024-11-21 6.5 MEDIUM 7.2 HIGH
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams/manage_team&id=.
CVE-2022-31978 1 Online Fire Reporting System Project 1 Online Fire Reporting System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=delete_inquiry.
CVE-2022-31977 1 Online Fire Reporting System Project 1 Online Fire Reporting System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=delete_team.
CVE-2022-31976 1 Online Fire Reporting System Project 1 Online Fire Reporting System 2024-11-21 7.5 HIGH 9.8 CRITICAL
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=delete_request.
CVE-2022-31975 1 Online Fire Reporting System Project 1 Online Fire Reporting System 2024-11-21 6.5 MEDIUM 7.2 HIGH
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=user/manage_user&id=.
CVE-2022-31974 1 Online Fire Reporting System Project 1 Online Fire Reporting System 2024-11-21 6.5 MEDIUM 7.2 HIGH
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=reports&date=.
CVE-2022-31973 1 Online Fire Reporting System Project 1 Online Fire Reporting System 2024-11-21 5.5 MEDIUM 6.5 MEDIUM
Online Fire Reporting System v1.0 is vulnerable to Delete any file via /ofrs/classes/Master.php?f=delete_img.
CVE-2022-31906 1 Online Fire Reporting System Project 1 Online Fire Reporting System 2024-11-21 3.5 LOW 4.8 MEDIUM
Online Fire Reporting System v1.0 is vulnerable to Cross Site Scripting (XSS) via /ofrs/classes/Master.php.
CVE-2022-31879 1 Online Fire Reporting System Project 1 Online Fire Reporting System 2024-11-21 N/A 8.8 HIGH
Online Fire Reporting System 1.0 is vulnerable to SQL Injection via the date parameter.
CVE-2022-31415 1 Online Fire Reporting System Project 1 Online Fire Reporting System 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
Online Fire Reporting System v1.0 was discovered to contain a SQL injection vulnerability via the GET parameter in /report/list.php.