CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3482 matches found

Vulnrichment•added 2024/03/12 12:0 a.m.•15 views

CVE-2024-24093

SQL Injection vulnerability in Code-projects Scholars Tracking System 1.0 allows attackers to run arbitrary code via Personal Information Update information...

8.7AI score0.0015EPSS

Exploits0References1

Vulnrichment•added 2024/03/12 12:0 a.m.•18 views

CVE-2024-24101

Code-projects Scholars Tracking System 1.0 is vulnerable to SQL Injection under Eligibility Information Update...

8.3AI score0.0011EPSS

Exploits0References1

CVE•added 2024/03/12 12:0 a.m.•45 views

CVE-2023-42307

The CVE-2023-42307 entry concerns a Cross Site Scripting (XSS) vulnerability in the Code-Projects Exam Form Submission 1.0. The issue allows an attacker to execute arbitrary code via inputs in the Subject Name and Subject Code fields. Public references in the connected documents consistently desc...

6.1CVSS6.2AI score0.00128EPSS

Exploits1References1Affected Software1

Vulnrichment•added 2024/03/12 12:0 a.m.•12 views

CVE-2024-24097

Cross Site Scripting XSS vulnerability in Code-projects Scholars Tracking System 1.0 allows attackers to run arbitrary code via the News Feed...

6.3AI score0.00184EPSS

Exploits0References1

Cvelist•added 2024/03/12 12:0 a.m.•14 views

CVE-2024-24101

Code-projects Scholars Tracking System 1.0 is vulnerable to SQL Injection under Eligibility Information Update...

7.9AI score0.0011EPSS

Exploits0References1

CVE•added 2024/03/12 12:0 a.m.•57 views

CVE-2024-24097

CVE-2024-24097 involves a Cross Site Scripting (XSS) vulnerability in Code-projects Scholars Tracking System 1.0 . The issue stems from insufficient input filtering/escaping in the News Feed, allowing an attacker to inject and execute arbitrary scripts in a victim’s browser. Multiple connected so...

5.4CVSS6.1AI score0.00184EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2024/03/12 12:0 a.m.•2 views

PT-2024-13037 · Unknown · Code-Projects Exam Form Submission

Name of the Vulnerable Software and Affected Versions: Code-Projects Exam Form Submission version 1.0 Description: The issue allows attackers to run arbitrary code via the Subject Name and Subject Code sections, potentially leading to unauthorized actions. This is a Cross Site Scripting XSS issue...

6.1CVSS6.9AI score0.00128EPSS

Exploits0References4

Cvelist•added 2024/03/12 12:0 a.m.•12 views

CVE-2023-42307

Cross Site Scripting XSS vulnerability in Code-Projects Exam Form Submission 1.0 allows attackers to run arbitrary code via "Subject Name" and "Subject Code" section...

6.1AI score0.00128EPSS

Exploits1References1

CVE•added 2024/03/12 12:0 a.m.•53 views

CVE-2024-24093

The CVE-2024-24093 issue affects Code-projects Scholars Tracking System 1.0. A SQL injection vulnerability in the Personal Information Update functionality could let an attacker run arbitrary code, as described across multiple feeds (NVD/Red Hat/CNVD etc.). The core details indicate a high-severi...

9.8CVSS8.3AI score0.0015EPSS

Exploits0References1Affected Software1

CVE•added 2024/03/12 12:0 a.m.•51 views

CVE-2023-42308

CVE-2023-42308 is an XSS vulnerability affecting Code-Projects Exam Form Submission version 1.0, specifically in the Manage Fastrack Subjects feature. The root cause involves untrusted input in the Subject Name and Subject Code fields, enabling cross-site script execution. Public documents from R...

6.1CVSS6.2AI score0.00128EPSS

Exploits0References1Affected Software1

Cvelist•added 2024/03/12 12:0 a.m.•16 views

CVE-2023-42308

Cross Site Scripting XSS vulnerability in Manage Fastrack Subjects in Code-Projects Exam Form Submission 1.0 allows attackers to run arbitrary code via the "Subject Name" and "Subject Code" Section...

6.1AI score0.00128EPSS

Exploits0References1

Cvelist•added 2024/03/12 12:0 a.m.•13 views

CVE-2024-24093

SQL Injection vulnerability in Code-projects Scholars Tracking System 1.0 allows attackers to run arbitrary code via Personal Information Update information...

8.2AI score0.0015EPSS

Exploits0References1

OSV•added 2024/03/07 9:15 a.m.•2 views

CVE-2023-41014

code-projects.org Online Job Portal 1.0 is vulnerable to SQL Injection via the Username parameter for "Employer."...

9.8CVSS5.8AI score0.00158EPSS

Exploits0References1

Positive Technologies•added 2024/03/07 12:0 a.m.•2 views

PT-2024-12915 · Unknown · Code-Projects.Org Online Job Portal

Name of the Vulnerable Software and Affected Versions: code-projects.org Online Job Portal version 1.0 Description: The issue is related to SQL Injection. It can be exploited via the "/Employer/DeleteJob.php?JobId=1" API endpoint, specifically through the JobId variable. This allows for potential...

5.5CVSS7.1AI score0.00099EPSS

Exploits0References3

CVE•added 2024/03/07 12:0 a.m.•46 views

CVE-2023-41015

CVE-2023-41015 affects code-projects.org Online Job Portal 1.0. Public docs indicate a SQL Injection vulnerability in /Employer/DeleteJob.php?JobId=1 (via JobId parameter) with CVSS v3.1 base score 5.5 (MEDIUM). Exploitation status is not documented in the provided sources. No remediation/fix det...

5.5CVSS8AI score0.00099EPSS

Exploits0References1Affected Software1

OSV•added 2024/03/05 4:15 p.m.•2 views

CVE-2024-24098

Code-projects Scholars Tracking System 1.0 is vulnerable to SQL Injection via the News Feed...

7.8CVSS5.9AI score0.00054EPSS

Exploits0References2