Lucene search
K

8 matches found

CVE
CVE
added 7 hours ago7 views

CVE-2026-14706

CVE-2026-14706 affects code-projects Online Examination 1.0, specifically the Quiz Creation Feature via /update.php?q=addquiz. The issue arises from manipulation of arguments name/total/right/wrong/time/tag/desc, leading to SQL injection. Remote attack possible; exploit publicly available (exploi...

6.5CVSS6.5AI score
Exploits0References6
EUVD
EUVD
added 7 hours ago6 views

EUVD-2026-41727

A vulnerability was identified in code-projects Online Examination 1.0. This affects an unknown part of the file /update.php?q=addquiz of the component Quiz Creation Feature. The manipulation of the argument name/total/right/wrong/time/tag/desc leads to sql injection. The attack can be initiated...

6.5CVSS6.5AI score
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/27 1:27 a.m.9 views

CVE-2026-13422

The HD Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 2.2.0 to 2.2.1. This is due to missing or incorrect nonce validation on the hdqvalidatenonce function. This makes it possible for unauthenticated attackers to delete or modify quizzes and questions, create ne...

4.3CVSS5.6AI score0.00179EPSS
Exploits0References17Affected Software1
CVE
CVE
added 2026/06/27 1:27 a.m.19 views

CVE-2026-13422

The CVE concerns the WordPress plugin HD Quiz (WordPress) versions 2.2.0–2.2.1. The root cause is missing or incorrect nonce validation in the hdq_validate_nonce function, enabling Cross-Site Request Forgery. This allows unauthenticated attackers to delete or modify quizzes and questions, create ...

4.3CVSS5.6AI score0.00179EPSS
Exploits0References16
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-16853

Malicious code in bioql PyPI...

4.3CVSS6.1AI score0.00359EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/10/17 5:33 a.m.13 views

CVE-2024-9351 Forminator Forms – Contact Form, Payment Form & Custom Form Builder <= 1.35.1 - Cross-Site Request Forgery to Draft Quiz Creation

The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.35.1. This is due to missing or incorrect nonce validation on the quiz 'createmodule' function. This makes it possible f...

4.3CVSS6.5AI score0.00207EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/10/16 8:52 p.m.5 views

WordPress Forminator Forms plugin <= 1.35.1 - Cross-Site Request Forgery to Draft Quiz Creation vulnerability

Cross-Site Request Forgery to Draft Quiz Creation vulnerability discovered by Vijaysimha Reddy vijaysimha in WordPress Plugin Forminator versions = 1.35.1...

4.3CVSS7AI score0.00207EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/10/16 12:0 a.m.5 views

PT-2024-39586 · WordPress · The Forminator Forms

Name of the Vulnerable Software and Affected Versions: The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress versions up to, and including, 1.35.1 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on...

4.3CVSS7AI score0.00207EPSS
Exploits0References8
Rows per page
Query Builder