370 matches found
Joomla! Component Online Exam 1.5.0 - Local File Inclusion
A directory traversal vulnerability in the Online Examination aka Online Exam or comonlineexam component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1715 info: name: Joomla! Component Online Exam 1.5.0 -...
CVE-2025-4686
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Kodmatic Computer Software Tourism Construction Industry and Trade Ltd. Co. Online Exam and Assessment allows SQL Injection.This issue affects Online Exam and Assessment: through 30012026. NOTE: Th...
EUVD-2020-30930
Online-Exam-System 2015 contains a time-based blind SQL injection vulnerability in the feedback form that allows attackers to extract database password hashes. Attackers can exploit the 'feed.php' endpoint by crafting malicious payload requests that use time delays to systematically enumerate use...
EUVD-2020-30925
Online-Exam-System 2015 contains a SQL injection vulnerability in the feedback module that allows attackers to manipulate database queries through the 'fid' parameter. Attackers can inject malicious SQL code into the 'fid' parameter to potentially extract, modify, or delete database information...
CVE-2020-37057
Online-Exam-System 2015 contains a SQL injection vulnerability in the feedback module that allows attackers to manipulate database queries through the 'fid' parameter. Attackers can inject malicious SQL code into the 'fid' parameter to potentially extract, modify, or delete database information...
CVE-2020-37057
Online-Exam-System 2015 contains a SQL injection vulnerability in the feedback module that allows attackers to manipulate database queries through the 'fid' parameter. Attackers can inject malicious SQL code into the 'fid' parameter to potentially extract, modify, or delete database information...
CVE-2020-37051
Online-Exam-System 2015 contains a time-based blind SQL injection vulnerability in the feedback form that allows attackers to extract database password hashes. Attackers can exploit the 'feed.php' endpoint by crafting malicious payload requests that use time delays to systematically enumerate use...
CVE-2020-37051
Online-Exam-System 2015 contains a time-based blind SQL injection vulnerability in the feedback form that allows attackers to extract database password hashes. Attackers can exploit the 'feed.php' endpoint by crafting malicious payload requests that use time delays to systematically enumerate use...
CVE-2020-37057 Online-Exam-System 2015 - 'fid' SQL Injection
Online-Exam-System 2015 contains a SQL injection vulnerability in the feedback module that allows attackers to manipulate database queries through the 'fid' parameter. Attackers can inject malicious SQL code into the 'fid' parameter to potentially extract, modify, or delete database information...
CVE-2020-37057 Online-Exam-System 2015 - 'fid' SQL Injection
Online-Exam-System 2015 contains a SQL injection vulnerability in the feedback module that allows attackers to manipulate database queries through the 'fid' parameter. Attackers can inject malicious SQL code into the 'fid' parameter to potentially extract, modify, or delete database information...
CVE-2020-37057
CVE-2020-37057 affects Online-Exam-System 2015. A SQL injection in the feedback module is exploitable via the fid parameter, enabling manipulation of database queries and potential extraction, modification, or deletion of data. The CVSS metrics indicate high impact to confidentiality, integrity, ...
CVE-2020-37057
Online-Exam-System 2015 contains a SQL injection vulnerability in the feedback module that allows attackers to manipulate database queries through the 'fid' parameter. Attackers can inject malicious SQL code into the 'fid' parameter to potentially extract, modify, or delete database information...
CVE-2020-37051
CVE-2020-37051 affects the Online-Exam-System 2015. A time-based blind SQL injection in the feedback form enables attackers to extract database password hashes via the feed.php endpoint, using crafted time-delayed payloads to enumerate password characters. Reported CVSS metrics (v3.1, base score ...
CVE-2020-37051 Online-Exam-System 2015 - 'feedback' SQL Injection
Online-Exam-System 2015 contains a time-based blind SQL injection vulnerability in the feedback form that allows attackers to extract database password hashes. Attackers can exploit the 'feed.php' endpoint by crafting malicious payload requests that use time delays to systematically enumerate use...
CVE-2020-37051 Online-Exam-System 2015 - 'feedback' SQL Injection
Online-Exam-System 2015 contains a time-based blind SQL injection vulnerability in the feedback form that allows attackers to extract database password hashes. Attackers can exploit the 'feed.php' endpoint by crafting malicious payload requests that use time delays to systematically enumerate use...
CVE-2020-37051
Online-Exam-System 2015 contains a time-based blind SQL injection vulnerability in the feedback form that allows attackers to extract database password hashes. Attackers can exploit the 'feed.php' endpoint by crafting malicious payload requests that use time delays to systematically enumerate use...
CVE-2025-4686
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Kodmatic Computer Software Tourism Construction Industry and Trade Ltd. Co. Online Exam and Assessment allows SQL Injection. This issue affects Online Exam and Assessment: through 30012026. NOTE:...
CVE-2025-4686
CVE-2025-4686 concerns an SQL Injection in Kodmatic Computer Software’s Online Exam and Assessment product. The issue is described as improper neutralization of special elements used in SQL commands, enabling an injection that can impact confidentiality (low), integrity (low), and availability (h...
CVE-2025-4686
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Kodmatic Computer Software Tourism Construction Industry and Trade Ltd. Co. Online Exam and Assessment allows SQL Injection. This issue affects Online Exam and Assessment: through 30012026. NOTE:...
CVE-2025-4686 Time-Based Blind SQLi in Kodmatic Computer's Online Exam and Assessment
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Kodmatic Computer Software Tourism Construction Industry and Trade Ltd. Co. Online Exam and Assessment allows SQL Injection. This issue affects Online Exam and Assessment: through 30012026. NOTE:...