CVE-2023-45115
- EPSS 0.12%
- Veröffentlicht 21.12.2023 16:15:07
- Zuletzt bearbeitet 19.05.2025 14:15:20
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'ch' parameter of the /update.php?q=addqns resource does not validate the characters received and they are sent unfiltered to the database.
CVE-2023-45203
- EPSS 0.2%
- Veröffentlicht 01.11.2023 23:15:08
- Zuletzt bearbeitet 21.11.2024 08:26:32
Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the login.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL.
CVE-2023-45202
- EPSS 0.16%
- Veröffentlicht 01.11.2023 23:15:07
- Zuletzt bearbeitet 21.11.2024 08:26:32
Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the feed.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL.
CVE-2023-45201
- EPSS 0.16%
- Veröffentlicht 01.11.2023 22:15:08
- Zuletzt bearbeitet 21.11.2024 08:26:32
Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the admin.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL.
CVE-2022-42066
- EPSS 0.21%
- Veröffentlicht 14.10.2022 15:16:23
- Zuletzt bearbeitet 14.05.2025 16:15:25
Online Examination System version 1.0 suffers from a cross site scripting vulnerability via index.php.
- EPSS 0.33%
- Veröffentlicht 21.01.2022 16:15:08
- Zuletzt bearbeitet 21.11.2024 06:33:51
An SQL Injection vulnerability exists in Projectworlds Online Examination System 1.0 via the eid parameter in account.php.