Projectworlds

Online Examination System

16 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2025-4706

Exploit
  • EPSS 0.08%
  • Veröffentlicht 15.05.2025 16:31:04
  • Zuletzt bearbeitet 28.08.2025 14:43:13

A vulnerability was found in projectworlds Online Examination System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /Procedure3b_yearwiseVisit.php. The manipulation of the argument Visit_year leads to sql i...

9.8

CVE-2025-4058

Exploit
  • EPSS 0.22%
  • Veröffentlicht 29.04.2025 11:31:03
  • Zuletzt bearbeitet 15.05.2025 20:44:45

A vulnerability classified as critical has been found in Projectworlds Online Examination System 1.0. This affects an unknown part of the file /Bloodgroop_process.php. The manipulation of the argument Pat_BloodGroup1 leads to sql injection. It is pos...

9.8

CVE-2025-4034

Exploit
  • EPSS 0.22%
  • Veröffentlicht 28.04.2025 19:31:03
  • Zuletzt bearbeitet 10.05.2025 00:57:32

A vulnerability classified as critical was found in projectworlds Online Examination System 1.0. Affected by this vulnerability is an unknown functionality of the file /inser_doc_process.php. The manipulation of the argument Doc_ID leads to sql injec...

9.8

CVE-2024-42843

Exploit
  • EPSS 0.07%
  • Veröffentlicht 15.08.2024 17:15:18
  • Zuletzt bearbeitet 19.08.2024 19:35:09

Projectworlds Online Examination System v1.0 is vulnerable to SQL Injection via the subject parameter in feed.php.

8.8

CVE-2023-45120

Exploit
  • EPSS 0.12%
  • Veröffentlicht 21.12.2023 17:15:08
  • Zuletzt bearbeitet 19.05.2025 14:15:21

Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'qid' parameter of the /update.php?q=quiz&step=2 resource does not validate the characters received and they are sent unfiltered to the database...

8.8

CVE-2023-45121

Exploit
  • EPSS 0.13%
  • Veröffentlicht 21.12.2023 17:15:08
  • Zuletzt bearbeitet 19.05.2025 14:15:21

Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'desc' parameter of the /update.php?q=addquiz resource does not validate the characters received and they are sent unfiltered to the database.

8.8

CVE-2023-45119

Exploit
  • EPSS 0.13%
  • Veröffentlicht 21.12.2023 16:15:09
  • Zuletzt bearbeitet 19.05.2025 14:15:21

Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'n' parameter of the /update.php?q=quiz resource does not validate the characters received and they are sent unfiltered to the database.

8.8

CVE-2023-45116

Exploit
  • EPSS 0.12%
  • Veröffentlicht 21.12.2023 16:15:08
  • Zuletzt bearbeitet 19.05.2025 14:15:20

Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'demail' parameter of the /update.php resource does not validate the characters received and they are sent unfiltered to the database.

8.8

CVE-2023-45117

  • EPSS 0.1%
  • Veröffentlicht 21.12.2023 16:15:08
  • Zuletzt bearbeitet 19.05.2025 14:15:20

Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'eid' parameter of the /update.php?q=rmquiz resource does not validate the characters received and they are sent unfiltered to the database.

8.8

CVE-2023-45118

Exploit
  • EPSS 0.12%
  • Veröffentlicht 21.12.2023 16:15:08
  • Zuletzt bearbeitet 19.05.2025 14:15:21

Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'fdid' parameter of the /update.php resource does not validate the characters received and they are sent unfiltered to the database.