8 matches found
CVE-2023-52285
ExamSys 9150244 allows SQL Injection via the /Support/action/Pages.php sscore2 parameter...
CVE-2023-52285
ExamSys 9150244 allows SQL Injection via the /Support/action/Pages.php sscore2 parameter...
Sql injection
ExamSys 9150244 allows SQL Injection via the /Support/action/Pages.php sscore2 parameter...
ExamSys Security Vulnerabilities
ExamSys is an online exam system for RYAN individual developers in China. A security vulnerability exists in ExamSys version 9150244, which originates from allowing SQL injection via the parameter sscore2 in /Support/action/Pages.php...
CVE-2023-52285
ExamSys 9150244 is affected by CVE-2023-52285, with a SQL Injection vulnerability via the /Support/action/Pages.php s_score2 parameter. Evidence from multiple sources confirms the issue and a CVSSv3.1 base score of 7.5 (HIGH). Connected details indicate the problem stems from unsanitized input in...
PT-2024-14504 · Examsys · Examsys
Name of the Vulnerable Software and Affected Versions: ExamSys version 9150244 Description: The issue allows SQL Injection via the "/Support/action/Pages.php" endpoint, specifically through the s score2 parameter. This enables potential attackers to inject malicious SQL code, which could lead to...
CVE-2023-52285
ExamSys 9150244 allows SQL Injection via the /Support/action/Pages.php sscore2 parameter...
CVE-2023-52285
ExamSys 9150244 allows SQL Injection via the /Support/action/Pages.php sscore2 parameter...