19 matches found
EUVD-2026-16807
A vulnerability was detected in SourceCodester Online Quiz System hasta 1.0. Affected by this vulnerability is an unknown functionality of the file endpoint/add-question.php. Performing a manipulation of the argument quizquestion results in cross site scripting. It is possible to initiate the...
CVE-2026-4973
A vulnerability was detected in SourceCodester Online Quiz System up to 1.0. Affected by this vulnerability is an unknown functionality of the file endpoint/add-question.php. Performing a manipulation of the argument quizquestion results in cross site scripting. It is possible to initiate the...
CVE-2026-4973 SourceCodester Online Quiz System add-question.php cross site scripting
A vulnerability was detected in SourceCodester Online Quiz System up to 1.0. Affected by this vulnerability is an unknown functionality of the file endpoint/add-question.php. Performing a manipulation of the argument quizquestion results in cross site scripting. It is possible to initiate the...
CVE-2026-4973
SourceCodester Online Quiz System hasta 1.0 contains a cross-site scripting (XSS) vulnerability in an unknown functionality of endpoint/add-question.php. By manipulating the quiz_question argument, an attacker can trigger XSS, with remote access possible and the exploit publicly available. The pr...
CVE-2026-4973 SourceCodester Online Quiz System add-question.php cross site scripting
A vulnerability was detected in SourceCodester Online Quiz System up to 1.0. Affected by this vulnerability is an unknown functionality of the file endpoint/add-question.php. Performing a manipulation of the argument quizquestion results in cross site scripting. It is possible to initiate the...
PT-2026-28698
Name of the Vulnerable Software and Affected Versions SourceCodester Online Quiz System version 1.0 Description A flaw exists in SourceCodester Online Quiz System that allows for cross site scripting. This issue is related to the manipulation of the quiz question argument within the...
CVE-2024-1078
The Quiz Maker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the aysquickstart and addquestionrows functions in all versions up to, and including, 6.5.2.4. This makes it possible for authenticated attackers, with subscriber-level acce...
PT-2024-16539 · WordPress · Quiz Maker
Name of the Vulnerable Software and Affected Versions: The Quiz Maker plugin for WordPress versions up to, and including, 6.5.2.4 Description: The issue is related to a missing capability check on the ays quick start and add question rows functions. This allows authenticated attackers with...
WordPress Plugin Quiz Maker Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
CVE-2023-3060
A vulnerability has been found in code-projects Agro-School Management System 1.0 and classified as problematic. This vulnerability affects the function doAddQuestion of the file btnfunctions.php. The manipulation of the argument Question leads to cross site scripting. The attack can be initiated...
Agro-School Management System 跨站脚本漏洞
Agro-School Management System is an agricultural school management system. code-projects A cross-site scripting vulnerability exists in Agro-School Management System version 1.0, which stems from a security issue in the function doAddQuestion in btnfunctions.php, which leads to cross-site scripti...
PT-2023-22801 · Code Projects · Agro-School Management System
Name of the Vulnerable Software and Affected Versions: code-projects Agro-School Management System version 1.0 Description: A vulnerability has been found in the code-projects Agro-School Management System, affecting the function doAddQuestion of the file btn functions.php. The manipulation of th...
GHSA-8595-6653-96P2 phpMyFAQ vulnerable to Stored Cross-site Scripting
phpMyFAQ prior to version 3.1.13 has a stored cross site scripting vulnerability in name field in add question module. This allows an attacker to steal user cookies...
phpMyFAQ vulnerable to Stored Cross-site Scripting
phpMyFAQ prior to version 3.1.13 has a stored cross site scripting vulnerability in name field in add question module. This allows an attacker to steal user cookies...
PT-2023-19508 · Phpmyfaq · Phpmyfaq
Name of the Vulnerable Software and Affected Versions: phpMyFAQ versions prior to 3.1.13 Description: The issue is related to a stored Cross-site Scripting XSS vulnerability. This vulnerability allows an attacker to steal user cookies by exploiting the name field in the add question module...
Stored cross site scripting vulnerability in thorsten/phpmyfaq
Description Stored cross site scripting vulnerability in "name" field in add question module. This allows attacker to stolen user cookies. Proof of Concept 1 . Login to the demo account https://roy.demo.phpmyfaq.de/ 2 . Login as demo user 3 . Click add question 4 . Add payload in "Your Name"...
Dom XSS in Add Question
Description Evil users can attack other users or administrator users through this vulnerability, causing other users/administrator user accounts to be taken over Proof of Concept step1. Add a normal user and log in step2. Add a new question and insert xss payload in the body Step3. Login admin us...
Blind Stored XSS in admin panel (open question page)
Description Blind stored XSS via any unauthorized or anonymous visitor user without any privileges can inject XSS payload in "Add question" page in "Your Name" input field then it will be executed in admin panel in Open Question page Proof of Concept...
CVE-2022-2685
A vulnerability was found in SourceCodester Interview Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /addQuestion.php. The manipulation of the argument question with the input alert1 leads to cross site scripting. The attack may be...