4 matches found
CVE-2025-51567
A SQL Injection was found in the /exam/user/profile.php page of kashipara Online Exam System V1.0, which allows remote attackers to execute arbitrary SQL command to get unauthorized database access via the rname, rcollage, rnumber, rgender and rpassword parameters in a POST HTTP request...
CVE-2024-40480
A Broken Access Control vulnerability was found in /admin/update.php and /admin/dashboard.php in Kashipara Online Exam System v1.0, which allows remote unauthenticated attackers to view administrator dashboard and delete valid user accounts via the direct URL access...
Kashipara Online Exam System 安全漏洞
Kashipara Online Exam System is an online exam system from Kashipara Inc. A security vulnerability exists in Kashipara Online Exam System version v1.0, which originated when the rname and email parameters in the /admin/afeedback.php page were found to contain a stored cross-site scripting XSS...
PT-2024-28865 · Unknown · Kashipara Online Exam System
Name of the Vulnerable Software and Affected Versions: Kashipara Online Exam System version 1.0 Description: A Stored Cross Site Scripting XSS issue was found in the "/admin/afeedback.php" endpoint, allowing remote attackers to execute arbitrary code via the rname and email parameter fields. This...