Lucene search
China National Vulnerability DatabaseCNVD-2023-40578HistoryMay 19, 2023 - 12:00 a.m.
SQL Injection Vulnerability in Online Exam System Version v1.0
2023-05-1900:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
sql injection
online exam system
data validation
parameters columns
database security
sensitive data theft
0.002 Low
EPSS
Percentile
52.0%
Online Exam System is an online exam system. Online Exam System v1.0 suffers from a SQL injection vulnerability that originates from the lack of validation of external input SQL statements in the parameters columns, data of /jurusanmatkul/data. An attacker can exploit this vulnerability to execute illegal SQL commands to steal sensitive database data.
| CPE | Name | Operator | Version |
|---|---|---|---|
| online exam system online exam system | eq | 1.0 |
Related
cvelist
cvelist
CVE-2023-2771 SourceCodester Online Exam System data sql injection
2023-05-17 18:31:03
cve
cve
CVE-2023-2771
2023-05-17 19:15:09
prion
prion
Sql injection
2023-05-17 19:15:00
nvd
nvd
CVE-2023-2771
2023-05-17 19:15:09