Lucene search
K

370 matches found

Nuclei
Nuclei
added yesterday25 views

Joomla! Component Online Exam 1.5.0 - Local File Inclusion

A directory traversal vulnerability in the Online Examination aka Online Exam or comonlineexam component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1715 info: name: Joomla! Component Online Exam 1.5.0 -...

6.8CVSS6AI score0.08177EPSS
Exploits2References5
RedhatCVE
RedhatCVE
added 2026/01/31 9:14 p.m.11 views

CVE-2025-4686

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Kodmatic Computer Software Tourism Construction Industry and Trade Ltd. Co. Online Exam and Assessment allows SQL Injection.This issue affects Online Exam and Assessment: through 30012026. NOTE: Th...

8.6CVSS5.9AI score0.00299EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/31 12:30 a.m.4 views

EUVD-2020-30930

Online-Exam-System 2015 contains a time-based blind SQL injection vulnerability in the feedback form that allows attackers to extract database password hashes. Attackers can exploit the 'feed.php' endpoint by crafting malicious payload requests that use time delays to systematically enumerate use...

8.8CVSS5.9AI score0.00366EPSS
Exploits1References4
EUVD
EUVD
added 2026/01/31 12:30 a.m.5 views

EUVD-2020-30925

Online-Exam-System 2015 contains a SQL injection vulnerability in the feedback module that allows attackers to manipulate database queries through the 'fid' parameter. Attackers can inject malicious SQL code into the 'fid' parameter to potentially extract, modify, or delete database information...

8.8CVSS6AI score0.00502EPSS
Exploits1References4
OSV
OSV
added 2026/01/30 11:16 p.m.6 views

CVE-2020-37057

Online-Exam-System 2015 contains a SQL injection vulnerability in the feedback module that allows attackers to manipulate database queries through the 'fid' parameter. Attackers can inject malicious SQL code into the 'fid' parameter to potentially extract, modify, or delete database information...

9.8CVSS5.9AI score0.00502EPSS
Exploits1References3
NVD
NVD
added 2026/01/30 11:16 p.m.9 views

CVE-2020-37057

Online-Exam-System 2015 contains a SQL injection vulnerability in the feedback module that allows attackers to manipulate database queries through the 'fid' parameter. Attackers can inject malicious SQL code into the 'fid' parameter to potentially extract, modify, or delete database information...

9.8CVSS0.00502EPSS
Exploits1References3
NVD
NVD
added 2026/01/30 11:16 p.m.8 views

CVE-2020-37051

Online-Exam-System 2015 contains a time-based blind SQL injection vulnerability in the feedback form that allows attackers to extract database password hashes. Attackers can exploit the 'feed.php' endpoint by crafting malicious payload requests that use time delays to systematically enumerate use...

8.8CVSS0.00366EPSS
Exploits1References3
OSV
OSV
added 2026/01/30 11:16 p.m.4 views

CVE-2020-37051

Online-Exam-System 2015 contains a time-based blind SQL injection vulnerability in the feedback form that allows attackers to extract database password hashes. Attackers can exploit the 'feed.php' endpoint by crafting malicious payload requests that use time delays to systematically enumerate use...

5.3CVSS5.8AI score
Exploits0References3
Cvelist
Cvelist
added 2026/01/30 10:7 p.m.22 views

CVE-2020-37057 Online-Exam-System 2015 - 'fid' SQL Injection

Online-Exam-System 2015 contains a SQL injection vulnerability in the feedback module that allows attackers to manipulate database queries through the 'fid' parameter. Attackers can inject malicious SQL code into the 'fid' parameter to potentially extract, modify, or delete database information...

8.8CVSS0.00502EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/01/30 10:7 p.m.6 views

CVE-2020-37057 Online-Exam-System 2015 - 'fid' SQL Injection

Online-Exam-System 2015 contains a SQL injection vulnerability in the feedback module that allows attackers to manipulate database queries through the 'fid' parameter. Attackers can inject malicious SQL code into the 'fid' parameter to potentially extract, modify, or delete database information...

8.8CVSS5.7AI score0.00502EPSS
Exploits1References3
CVE
CVE
added 2026/01/30 10:7 p.m.20 views

CVE-2020-37057

CVE-2020-37057 affects Online-Exam-System 2015. A SQL injection in the feedback module is exploitable via the fid parameter, enabling manipulation of database queries and potential extraction, modification, or deletion of data. The CVSS metrics indicate high impact to confidentiality, integrity, ...

9.8CVSS6AI score0.00502EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/01/30 10:7 p.m.6 views

CVE-2020-37057

Online-Exam-System 2015 contains a SQL injection vulnerability in the feedback module that allows attackers to manipulate database queries through the 'fid' parameter. Attackers can inject malicious SQL code into the 'fid' parameter to potentially extract, modify, or delete database information...

8.8CVSS6AI score0.00502EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/01/30 10:7 p.m.12 views

CVE-2020-37051

CVE-2020-37051 affects the Online-Exam-System 2015. A time-based blind SQL injection in the feedback form enables attackers to extract database password hashes via the feed.php endpoint, using crafted time-delayed payloads to enumerate password characters. Reported CVSS metrics (v3.1, base score ...

8.8CVSS5.9AI score0.00366EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/30 10:7 p.m.3 views

CVE-2020-37051 Online-Exam-System 2015 - 'feedback' SQL Injection

Online-Exam-System 2015 contains a time-based blind SQL injection vulnerability in the feedback form that allows attackers to extract database password hashes. Attackers can exploit the 'feed.php' endpoint by crafting malicious payload requests that use time delays to systematically enumerate use...

8.8CVSS5.6AI score0.00366EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/01/30 10:7 p.m.22 views

CVE-2020-37051 Online-Exam-System 2015 - 'feedback' SQL Injection

Online-Exam-System 2015 contains a time-based blind SQL injection vulnerability in the feedback form that allows attackers to extract database password hashes. Attackers can exploit the 'feed.php' endpoint by crafting malicious payload requests that use time delays to systematically enumerate use...

8.8CVSS0.00366EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/01/30 10:7 p.m.5 views

CVE-2020-37051

Online-Exam-System 2015 contains a time-based blind SQL injection vulnerability in the feedback form that allows attackers to extract database password hashes. Attackers can exploit the 'feed.php' endpoint by crafting malicious payload requests that use time delays to systematically enumerate use...

8.8CVSS5.9AI score0.00366EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2026/01/30 4:16 p.m.9 views

CVE-2025-4686

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Kodmatic Computer Software Tourism Construction Industry and Trade Ltd. Co. Online Exam and Assessment allows SQL Injection. This issue affects Online Exam and Assessment: through 30012026. NOTE:...

8.6CVSS0.00299EPSS
Exploits0References2
CVE
CVE
added 2026/01/30 3:54 p.m.11 views

CVE-2025-4686

CVE-2025-4686 concerns an SQL Injection in Kodmatic Computer Software’s Online Exam and Assessment product. The issue is described as improper neutralization of special elements used in SQL commands, enabling an injection that can impact confidentiality (low), integrity (low), and availability (h...

8.6CVSS5.6AI score0.00299EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/01/30 3:54 p.m.3 views

CVE-2025-4686

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Kodmatic Computer Software Tourism Construction Industry and Trade Ltd. Co. Online Exam and Assessment allows SQL Injection. This issue affects Online Exam and Assessment: through 30012026. NOTE:...

8.6CVSS5.6AI score0.00299EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/30 3:54 p.m.5 views

CVE-2025-4686 Time-Based Blind SQLi in Kodmatic Computer's Online Exam and Assessment

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Kodmatic Computer Software Tourism Construction Industry and Trade Ltd. Co. Online Exam and Assessment allows SQL Injection. This issue affects Online Exam and Assessment: through 30012026. NOTE:...

8.6CVSS5.6AI score0.00299EPSS
Exploits0References2
Rows per page
Query Builder