Lucene search
K

29 matches found

Prion
Prion
added 2023/03/07 7:15 p.m.14 views

Design/Logic Flaw

thmmniii/fbs-core is an open source feedback system for students. In versions prior to 1.5.3 when querying subresults, it is possible to query subresults from other users due to insufficient authorisation. This is only possible for logged-in users and it is not possible to associate the subresult...

4CVSS4.6AI score0.00506EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2023/03/07 6:26 p.m.23 views

CVE-2023-27485 Insufficient verification of authorisation when accessing subresults in thmmniii/fbs-core

thmmniii/fbs-core is an open source feedback system for students. In versions prior to 1.5.3 when querying subresults, it is possible to query subresults from other users due to insufficient authorisation. This is only possible for logged-in users and it is not possible to associate the subresult...

4.3CVSS4.8AI score0.00506EPSS
Exploits0References4
OSV
OSV
added 2023/03/07 6:26 p.m.19 views

CVE-2023-27485 Insufficient verification of authorisation when accessing subresults in thmmniii/fbs-core

thmmniii/fbs-core is an open source feedback system for students. In versions prior to 1.5.3 when querying subresults, it is possible to query subresults from other users due to insufficient authorisation. This is only possible for logged-in users and it is not possible to associate the subresult...

4.3CVSS4.8AI score0.00506EPSS
Exploits0References6
0day.today
0day.today
added 2018/10/31 12:0 a.m.44 views

Open Faculty Evaluation System 7 - batch_name SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Open Faculty Evaluation System 7 - 'batchname' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://openfacultyeval.sourceforge.io/ Software Link:...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/29 12:0 a.m.30 views

Open Faculty Evaluation System 5.6 - 'batch_name' SQL Injection

Exploit Title: Open Faculty Evaluation System 5.6 - 'batchname' SQL Injection Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://openfacultyeval.sourceforge.io/ Software Link: https://sourceforge.net/projects/openfacultyeval/files/feedbackphp56.zip/download Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/29 12:0 a.m.26 views

Open Faculty Evaluation System 7 - 'batch_name' SQL Injection

Exploit Title: Open Faculty Evaluation System 7 - 'batchname' SQL Injection Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://openfacultyeval.sourceforge.io/ Software Link: https://sourceforge.net/projects/openfacultyeval/files/feedbackphp7.zip/download Version: Php...

7.4AI score
Exploits0
Talos Blog
Talos Blog
added 2018/07/23 12:9 p.m.80 views

TalosIntelligence.com is rolling out a new dispute system

At Cisco Talos, we need customers to be able to provide feedback at all times, whether it be about false positives, false negatives, or missed categories. Because we deal with an abundance of data across our platforms — such as IPS alerts, AMP alerts and more — feedback helps us test the efficacy...

6.8AI score
Exploits0
0day.today
0day.today
added 2015/12/15 12:0 a.m.21 views

PHPBack 1.1 Cross Site Scripting Vulnerability

PHPBack version 1.1 suffers from a cross site scripting vulnerability. PHPBack 1.1 Cross Site Scripting Vulnerability Vendor: ==================== www.phpback.org Product: =============== phpback v1.1 The open source feedback system, PHPBack is feedback a web application that you can easily...

6.7AI score
Exploits0
myhack58
myhack58
added 2011/02/04 12:0 a.m.21 views

Rain Joe(YuQa)Network Information feedback system YuQaIFS V1. 0 vulnerability 0day and fix-vulnerability warning-the black bar safety net

Publishing author: f4tb0y Affected versions: YuQaIFS V1. 0 Vulnerability type: design flaw Vulnerability Description: a vulnerability in the file is YuQaIFSSave. the asp directly to the submitted data is written to the database, without any filtering. 主页 面 www.xxx.com/xx/index.asp(xx for this...

0.9AI score
Exploits0
Rows per page
Query Builder