27 matches found
CVE-2023-25431
An issue was discovered in Online Reviewer Management System v1.0. There is a XSS vulnerability via reviewer0/admins/assessments/course/course-update.php...
EUVD-2023-29387
Malicious code in bioql PyPI...
EUVD-2023-23329
Malicious code in bioql PyPI...
EUVD-2023-29386
Malicious code in bioql PyPI...
CVE-2023-25432
An issue was discovered in Online Reviewer Management System v1.0. There is a SQL injection that can directly issue instructions to the background database system via reviewer0/admins/assessments/course/course-update.php...
CVE-2023-25432
An issue was discovered in Online Reviewer Management System v1.0. There is a SQL injection that can directly issue instructions to the background database system via reviewer0/admins/assessments/course/course-update.php...
CVE-2023-25431
An issue was discovered in Online Reviewer Management System v1.0. There is a XSS vulnerability via reviewer0/admins/assessments/course/course-update.php...
CVE-2023-25431
An issue was discovered in Online Reviewer Management System v1.0. There is a XSS vulnerability via reviewer0/admins/assessments/course/course-update.php...
CVE-2023-25432
An issue was discovered in Online Reviewer Management System v1.0. There is a SQL injection that can directly issue instructions to the background database system via reviewer0/admins/assessments/course/course-update.php...
CVE-2023-25432
An issue was discovered in Online Reviewer Management System v1.0. There is a SQL injection that can directly issue instructions to the background database system via reviewer0/admins/assessments/course/course-update.php...
Sql injection
An issue was discovered in Online Reviewer Management System v1.0. There is a SQL injection that can directly issue instructions to the background database system via reviewer0/admins/assessments/course/course-update.php...
Cross site scripting
An issue was discovered in Online Reviewer Management System v1.0. There is a XSS vulnerability via reviewer0/admins/assessments/course/course-update.php...
CVE-2023-25431
CVE-2023-25431 affects Online Reviewer Management System v1.0, with a XSS vulnerability exploitable via reviewer_0/admins/assessments/course/course-update.php. The issue is documented across multiple feeds (NVD/Red Hat/CVE lists) as an input/output reflection flaw that can be triggered through th...
CVE-2023-25432
An issue was discovered in Online Reviewer Management System v1.0. There is a SQL injection that can directly issue instructions to the background database system via reviewer0/admins/assessments/course/course-update.php...
CVE-2023-25431
An issue was discovered in Online Reviewer Management System v1.0. There is a XSS vulnerability via reviewer0/admins/assessments/course/course-update.php...
CVE-2023-25431
An issue was discovered in Online Reviewer Management System v1.0. There is a XSS vulnerability via reviewer0/admins/assessments/course/course-update.php...
PT-2023-20057 · Unknown · Online Reviewer Management System
Name of the Vulnerable Software and Affected Versions: Online Reviewer Management System version 1.0 Description: An issue was discovered in the Online Reviewer Management System, where there is a XSS vulnerability. This vulnerability can be exploited via the reviewer...
CVE-2023-25432
CVE-2023-25432 affects Online Reviewer Management System v1.0, with a SQL injection in the API endpoint reviewer_0/admins/assessments/course/course-update.php. The vulnerability allows direct commands to the background database; CVSS 3.1 base score 7.2 (HIGH) with network attack vector, low attac...
CVE-2023-1038
A vulnerability classified as critical has been found in SourceCodester Online Reviewer Management System 1.0. Affected is an unknown function of the file /reviewer0/admins/assessments/pretest/questions-view.php. The manipulation of the argument id leads to sql injection. It is possible to launch...
CVE-2023-1038
A vulnerability classified as critical has been found in SourceCodester Online Reviewer Management System 1.0. Affected is an unknown function of the file /reviewer0/admins/assessments/pretest/questions-view.php. The manipulation of the argument id leads to sql injection. It is possible to launch...