29 matches found
Design/Logic Flaw
thmmniii/fbs-core is an open source feedback system for students. In versions prior to 1.5.3 when querying subresults, it is possible to query subresults from other users due to insufficient authorisation. This is only possible for logged-in users and it is not possible to associate the subresult...
CVE-2023-27485 Insufficient verification of authorisation when accessing subresults in thmmniii/fbs-core
thmmniii/fbs-core is an open source feedback system for students. In versions prior to 1.5.3 when querying subresults, it is possible to query subresults from other users due to insufficient authorisation. This is only possible for logged-in users and it is not possible to associate the subresult...
CVE-2023-27485 Insufficient verification of authorisation when accessing subresults in thmmniii/fbs-core
thmmniii/fbs-core is an open source feedback system for students. In versions prior to 1.5.3 when querying subresults, it is possible to query subresults from other users due to insufficient authorisation. This is only possible for logged-in users and it is not possible to associate the subresult...
Open Faculty Evaluation System 7 - batch_name SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Open Faculty Evaluation System 7 - 'batchname' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://openfacultyeval.sourceforge.io/ Software Link:...
Open Faculty Evaluation System 5.6 - 'batch_name' SQL Injection
Exploit Title: Open Faculty Evaluation System 5.6 - 'batchname' SQL Injection Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://openfacultyeval.sourceforge.io/ Software Link: https://sourceforge.net/projects/openfacultyeval/files/feedbackphp56.zip/download Version:...
Open Faculty Evaluation System 7 - 'batch_name' SQL Injection
Exploit Title: Open Faculty Evaluation System 7 - 'batchname' SQL Injection Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://openfacultyeval.sourceforge.io/ Software Link: https://sourceforge.net/projects/openfacultyeval/files/feedbackphp7.zip/download Version: Php...
TalosIntelligence.com is rolling out a new dispute system
At Cisco Talos, we need customers to be able to provide feedback at all times, whether it be about false positives, false negatives, or missed categories. Because we deal with an abundance of data across our platforms — such as IPS alerts, AMP alerts and more — feedback helps us test the efficacy...
PHPBack 1.1 Cross Site Scripting Vulnerability
PHPBack version 1.1 suffers from a cross site scripting vulnerability. PHPBack 1.1 Cross Site Scripting Vulnerability Vendor: ==================== www.phpback.org Product: =============== phpback v1.1 The open source feedback system, PHPBack is feedback a web application that you can easily...
Rain Joe(YuQa)Network Information feedback system YuQaIFS V1. 0 vulnerability 0day and fix-vulnerability warning-the black bar safety net
Publishing author: f4tb0y Affected versions: YuQaIFS V1. 0 Vulnerability type: design flaw Vulnerability Description: a vulnerability in the file is YuQaIFSSave. the asp directly to the submitted data is written to the database, without any filtering. 主页 面 www.xxx.com/xx/index.asp(xx for this...