CVE-2025-51567
- EPSS 0.06%
- Veröffentlicht 12.01.2026 00:00:00
- Zuletzt bearbeitet 16.01.2026 17:31:06
A SQL Injection was found in the /exam/user/profile.php page of kashipara Online Exam System V1.0, which allows remote attackers to execute arbitrary SQL command to get unauthorized database access via the rname, rcollage, rnumber, rgender and rpassw...
CVE-2024-40480
- EPSS 0.9%
- Veröffentlicht 12.08.2024 13:38:29
- Zuletzt bearbeitet 14.03.2025 16:15:33
A Broken Access Control vulnerability was found in /admin/update.php and /admin/dashboard.php in Kashipara Online Exam System v1.0, which allows remote unauthenticated attackers to view administrator dashboard and delete valid user accounts via the d...
CVE-2024-40478
- EPSS 0.42%
- Veröffentlicht 12.08.2024 13:38:28
- Zuletzt bearbeitet 13.03.2025 16:15:20
A Stored Cross Site Scripting (XSS) vulnerability was found in "/admin/afeedback.php" in Kashipara Online Exam System v1.0, which allows remote attackers to execute arbitrary code via "rname" and "email" parameter fields
CVE-2024-40479
- EPSS 0.17%
- Veröffentlicht 12.08.2024 13:38:28
- Zuletzt bearbeitet 19.11.2025 12:44:10
A SQL injection vulnerability in "/admin/quizquestion.php" in Kashipara Online Exam System v1.0 allows remote attackers to execute arbitrary SQL commands via the "eid" parameter.