Filtered by vendor Demo
Subscriptions
Filtered by product Alive Parish
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-25176 | 1 Demo | 1 Alive Parish | 2026-03-09 | 8.2 High |
| Alive Parish 2.0.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the key parameter in the search endpoint. Attackers can also upload arbitrary files via the person photo upload functionality to the images/uploaded directory for remote code execution. | ||||
Page 1 of 1.