3 matches found
CVE-2023-30016
The CVE-2023-30016 entry concerns Oretnom23 Judging Management System v1.0 with a SQL Injection in the sub_event_details_edit.php endpoint (via the sub_event_id parameter) that could allow remote attackers to execute arbitrary code and access sensitive data. Multiple sources corroborate the same ...
CVE-2023-30014
CVE-2023-30014 affects oretnom23 Judging Management System v1.0. A SQL injection in sub_event_stat_update.php via the sub_event_id parameter allows remote attackers to potentially access arbitrary data and escalate to arbitrary code execution (per CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). T...
PT-2024-12222 · Unknown · Oretnom23 Judging Management System
Name of the Vulnerable Software and Affected Versions: oretnom23 Judging Management System version 1.0 Description: The issue allows remote attackers to execute arbitrary code and obtain sensitive information via the sub event id parameter in the "sub event stat update.php" endpoint...