31 matches found

Cvelist · added 2 days ago · 31 views

CVE-2026-10606 DedeCMS Feedback feedback.php TrimMsg sql injection

A vulnerability was determined in DedeCMS 5.7.88. The affected element is the function TrimMsg of the file /plus/feedback.php of the component Feedback Handler. Executing a manipulation of the argument msg can lead to SQL injection. The attack can be launched remotely. The exploit has been public...

7.5 CVSS · 0.00024 EPSS
Exploits 0 · References 4

EUVD · added 2026/01/31 12:30 a.m. · 3 views

EUVD-2020-30925

Online-Exam-System 2015 contains a SQL injection vulnerability in the feedback module that allows attackers to manipulate database queries through the 'fid' parameter. Attackers can inject malicious SQL code into the 'fid' parameter to potentially extract, modify, or delete database information...

8.8 CVSS · 6 AI score · 0.00024 EPSS
Exploits 1 · References 4

OSV · added 2026/01/30 11:16 p.m. · 1 view

CVE-2020-37057

Online-Exam-System 2015 contains a SQL injection vulnerability in the feedback module that allows attackers to manipulate database queries through the 'fid' parameter. Attackers can inject malicious SQL code into the 'fid' parameter to potentially extract, modify, or delete database information...

9.8 CVSS · 5.9 AI score
Exploits 0 · References 3

NVD · added 2026/01/30 11:16 p.m. · 2 views

CVE-2020-37057

Online-Exam-System 2015 contains a SQL injection vulnerability in the feedback module that allows attackers to manipulate database queries through the 'fid' parameter. Attackers can inject malicious SQL code into the 'fid' parameter to potentially extract, modify, or delete database information...

9.8 CVSS · 0.00024 EPSS
Exploits 1 · References 3

Vulnrichment · added 2026/01/30 10:7 p.m. · 3 views

CVE-2020-37057 Online-Exam-System 2015 - 'fid' SQL Injection

Online-Exam-System 2015 contains a SQL injection vulnerability in the feedback module that allows attackers to manipulate database queries through the 'fid' parameter. Attackers can inject malicious SQL code into the 'fid' parameter to potentially extract, modify, or delete database information...

8.8 CVSS · 5.7 AI score · 0.00024 EPSS
Exploits 1 · References 3

Cvelist · added 2026/01/30 10:7 p.m. · 19 views

CVE-2020-37057 Online-Exam-System 2015 - 'fid' SQL Injection

Online-Exam-System 2015 contains a SQL injection vulnerability in the feedback module that allows attackers to manipulate database queries through the 'fid' parameter. Attackers can inject malicious SQL code into the 'fid' parameter to potentially extract, modify, or delete database information...

8.8 CVSS · 0.00024 EPSS
Exploits 1 · References 3

ATTACKERKB · added 2026/01/30 10:7 p.m. · 4 views

CVE-2020-37057

Online-Exam-System 2015 contains a SQL injection vulnerability in the feedback module that allows attackers to manipulate database queries through the 'fid' parameter. Attackers can inject malicious SQL code into the 'fid' parameter to potentially extract, modify, or delete database information...

8.8 CVSS · 6 AI score · 0.00024 EPSS
Exploits 1 · References 3 · Affected Software 1

CVE · added 2026/01/30 10:7 p.m. · 8 views

CVE-2020-37057

CVE-2020-37057 affects Online-Exam-System 2015, where a SQL injection in the feedback module is triggered via the fid parameter. The root cause is unsafely constructed SQL queries allowing attackers to manipulate queries, potentially exfiltrate or modify data. CVSS metrics indicate a high-severit...

9.8 CVSS · 6 AI score · 0.00024 EPSS
Exploits 1 · References 3 · Affected Software 1

CNNVD · added 2026/01/30 12:0 a.m. · 1 view

Online-Exam-System – SQL Injection Vulnerabilities

Online-Exam-System is an online examination system developed by Sunny Prakash Tiwari. The 2015 version of Online-Exam-System has a SQL injection vulnerability. This vulnerability stems from the “fid” parameter in the feedback module, which may allow attackers to manipulate database queries...

9.8 CVSS · 5.8 AI score · 0.00024 EPSS
Exploits 1 · References 3

Positive Technologies · added 2026/01/30 12:0 a.m. · 5 views

PT-2026-5493

Name of the Vulnerable Software and Affected Versions: Online-Exam-System version 2015 Description: The software contains a SQL injection issue within the feedback module. Attackers can manipulate database queries by injecting malicious SQL code through the fid parameter. This could allow attackers...

9.8 CVSS · 5.6 AI score · 0.00024 EPSS
Exploits 1 · References 6

EUVD · added 2025/10/07 12:30 a.m. · 2 views

EUVD-2013-2197

Malware in sbrugna...

4 CVSS · 6.1 AI score · 0.00176 EPSS
Exploits 0 · References 4

EUVD · added 2025/10/03 8:7 p.m. · 2 views

EUVD-2024-3328

Malicious code in bioql PyPI...

8.1 CVSS · 6.3 AI score · 0.00522 EPSS
Exploits 0 · References 4

EUVD · added 2025/10/03 8:7 p.m. · 2 views

EUVD-2022-4276

Malicious code in bioql PyPI...

3.5 CVSS · 6.3 AI score · 0.00208 EPSS
Exploits 0 · References 12

Tenable Nessus · added 2025/09/02 12:0 a.m. · 1 view

Linux Distros Unpatched Vulnerability : CVE-2024-43434

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The bulk message sending feature in Moodle's Feedback module's non-respondents report had an incorrect CSRF token check, leading to a CSRF vulnerability...

8.1 CVSS · 5.4 AI score · 0.00522 EPSS
Exploits 0 · References 2

Veracode · added 2024/11/29 7:37 a.m. · 10 views

Cross-Site Request Forgery (CSRF)

moodle/moodle is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability is due to an incorrect CSRF token check in the bulk message sending feature of the Feedback module's non-respondents report, allowing an attacker to execute unauthorized actions...

8.1 CVSS · 6.9 AI score · 0.00522 EPSS
Exploits 0 · References 4 · Affected Software 1

Github Security Blog · added 2024/11/07 3:31 p.m. · 12 views

Moodle has CSRF risk in Feedback non-respondents report

The bulk message sending feature in Moodle's Feedback module's non-respondents report had an incorrect CSRF token check, leading to a CSRF vulnerability...

8.1 CVSS · 6.8 AI score · 0.00522 EPSS
Exploits 0 · References 4 · Affected Software 1

OSV · added 2024/11/07 2:15 p.m. · 3 views

CVE-2024-43434

The bulk message sending feature in Moodle's Feedback module's non-respondents report had an incorrect CSRF token check, leading to a CSRF vulnerability...

8.1 CVSS · 6.6 AI score
Exploits 0 · References 2

OSV · added 2024/11/07 2:15 p.m. · 0 views

UBUNTU-CVE-2024-43434

The bulk message sending feature in Moodle's Feedback module's non-respondents report had an incorrect CSRF token check, leading to a CSRF vulnerability...

8.1 CVSS · 5.8 AI score · 0.00522 EPSS
Exploits 0 · References 4

Positive Technologies · added 2024/08/19 12:0 a.m. · 5 views

PT-2024-8612 · Moodle +2

Name of the Vulnerable Software and Affected Versions: Moodle affected versions not specified Description: The issue is related to a CSRF vulnerability in the bulk message sending feature of Moodle's Feedback module's non-respondents report. This vulnerability is caused by an incorrect CSRF token...

9.4 CVSS · 5.4 AI score · 0.88917 EPSS
Exploits 8 · References 77

OSV · added 2022/05/13 1:12 a.m. · 14 views

GHSA-J4MR-VC54-H5PC Moodle cross-site scripting (XSS) vulnerability

Cross-site scripting (XSS) vulnerability in mod/feedback/mapcourse.php in the Feedback module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the mod/feedback:mapcourse...

3.5 CVSS · 5 AI score · 0.00208 EPSS
Exploits 0 · References 11