Lucene search
+L

137 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:3 a.m.7 views

CVE-2023-33440

Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via /eval/ajax.php?action=saveuser...

7.2CVSS7.6AI score0.14507EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:53 a.m.8 views

CVE-2023-2365

A vulnerability has been found in SourceCodester Faculty Evaluation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file ajax.php?action=deletesubject. The manipulation of the argument id leads to sql injection. The attack can be launched...

9.8CVSS7.4AI score0.00737EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:51 a.m.7 views

CVE-2023-2367

A vulnerability was found in SourceCodester Faculty Evaluation System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/manageacademic.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploi...

9.8CVSS7.4AI score0.00722EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:50 a.m.9 views

CVE-2023-2962

A vulnerability, which was classified as critical, has been found in SourceCodester Faculty Evaluation System 1.0. Affected by this issue is some unknown functionality of the file index.php?page=edituser. The manipulation of the argument id leads to sql injection. The attack may be launched...

9.8CVSS7.4AI score0.00711EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:48 a.m.8 views

CVE-2023-2366

A vulnerability was found in SourceCodester Faculty Evaluation System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file ajax.php?action=deleteclass. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The...

9.8CVSS7.4AI score0.00791EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:54 a.m.14 views

CVE-2018-18758

Open Faculty Evaluation System 7 for PHP 7 allows submitfeedback.php SQL Injection, a different vulnerability than CVE-2018-18757...

9.8CVSS7.6AI score0.02338EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:2 a.m.17 views

CVE-2018-18757

Open Faculty Evaluation System 5.6 for PHP 5.6 allows submitfeedback.php SQL Injection, a different vulnerability than CVE-2018-18758...

9.8CVSS7.6AI score0.02338EPSS
Exploits2References1
OSV
OSV
added 2023/08/01 11:15 p.m.2 views

CVE-2023-36118

Cross Site Scripting vulnerability in Faculty Evaulation System using PHP/MySQLi v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the page parameter...

5.4CVSS6.1AI score0.00688EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2023/08/01 11:15 p.m.10 views

CVE-2023-36118

Cross Site Scripting vulnerability in Faculty Evaulation System using PHP/MySQLi v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the page parameter...

5.4CVSS6.1AI score0.00688EPSS
Exploits1References7
CNNVD
CNNVD
added 2023/08/01 12:0 a.m.6 views

Faculty Evaulation System Cross-Site Scripting Vulnerability

Faculty Evaulation System is a faculty grading system. A security vulnerability exists in Faculty Evaulation System version v.1.0, which originated from a vulnerability that allows an attacker to execute arbitrary code with a crafted payload via the page parameter...

5.4CVSS7.6AI score0.00688EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2023/08/01 12:0 a.m.6 views

PT-2023-25432

Name of the Vulnerable Software and Affected Versions Faculty Evaulation System version 1.0 Description The issue allows an attacker to execute arbitrary code via a crafted payload to the page parameter. This is a Cross Site Scripting vulnerability in the Faculty Evaulation System using PHP/MySQL...

5.4CVSS6.5AI score0.00688EPSS
Exploits1References9
Exploit DB
Exploit DB
added 2023/07/07 12:0 a.m.376 views

Faculty Evaluation System v1.0 - SQL Injection

Exploit Title: Faculty Evaluation System v1.0 - SQL Injection Date: 07/2023 Exploit Author: Andrey Stoykov Vendor Homepage: https://www.sourcecodester.com/php/14635/faculty-evaluation-system-using-phpmysqli-source-code.html Software Link:...

7.4AI score
Exploits0
NVD
NVD
added 2023/06/06 8:15 p.m.22 views

CVE-2023-33569

Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via ip/eval/ajax.php?action=updateuser...

7.2CVSS7.3AI score0.01112EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2023/06/06 8:15 p.m.4 views

CVE-2023-33569

Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via ip/eval/ajax.php?action=updateuser...

7.2CVSS7.7AI score0.01112EPSS
Exploits1References2
OSV
OSV
added 2023/06/06 8:15 p.m.4 views

CVE-2023-33569

Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via ip/eval/ajax.php?action=updateuser...

7.2CVSS6.3AI score0.01112EPSS
Exploits1References1
Prion
Prion
added 2023/06/06 8:15 p.m.19 views

Code injection

Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via ip/eval/ajax.php?action=updateuser...

5.8CVSS7.3AI score0.01112EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2023/06/06 12:0 a.m.6 views

Faculty Evaluation System 代码问题漏洞

Faculty Evaluation System is a faculty evaluation system by the individual developer Carlo Montero. A security vulnerability exists in version 1.0 of the Sourcecodester Faculty Evaluation System, which originates from an arbitrary code execution vulnerability in ip/eval/ajax.php...

7.2CVSS7.8AI score0.01112EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/06/06 12:0 a.m.8 views

CVE-2023-33569

Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via ip/eval/ajax.php?action=updateuser...

7.7AI score0.01112EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/06/06 12:0 a.m.6 views

PT-2023-24394 · Unknown · Sourcecodester Faculty Evaluation System

Name of the Vulnerable Software and Affected Versions: Sourcecodester Faculty Evaluation System version 1.0 Description: The issue allows for arbitrary code execution via the "ip/eval/ajax.php?action=update user" API endpoint. This could potentially lead to unauthorized access and control of the...

7.2CVSS7.5AI score0.01112EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/06/06 12:0 a.m.29 views

CVE-2023-33569

Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via ip/eval/ajax.php?action=updateuser...

7.6AI score0.01112EPSS
Exploits1References1
Rows per page
Query Builder