Lucene search
K

17 matches found

CNVD
CNVD
added 2025/10/31 12:0 a.m.5 views

Online Event Judging System add_judge.php File SQL Injection Vulnerability

Online Event Judging System is an online event judging system. Online Event Judging System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter fullname in the file /addjudge.php. The vulnerability can be...

8.8CVSS7.1AI score0.00299EPSS
Exploits1References1
CNVD
CNVD
added 2025/10/31 12:0 a.m.2 views

Online Event Judging System edit_contestant.php File SQL Injection Vulnerability

Online Event Judging System is an online event judging system. Online Event Judging System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter contestantid in the file /editcontestant.php. An attacker can...

8.8CVSS7.1AI score0.00396EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/10/27 10:32 a.m.3 views

CVE-2025-12263 code-projects Online Event Judging System edit_judge.php sql injection

A vulnerability was identified in code-projects Online Event Judging System 1.0. Affected is an unknown function of the file /editjudge.php. The manipulation of the argument judgeid leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used...

6.5CVSS6.8AI score0.00304EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/27 9:32 a.m.5 views

EUVD-2025-36142

A weakness has been identified in code-projects Online Event Judging System 1.0. This vulnerability affects unknown code of the file /editcontestant.php. Executing manipulation of the argument contestantid can lead to sql injection. The attack can be executed remotely. The exploit has been made...

6.5CVSS6.7AI score0.00396EPSS
Exploits1References6
CVE
CVE
added 2025/10/27 9:32 a.m.10 views

CVE-2025-12256

CVE-2025-12256 affects code-projects Online Event Judging System 1.0, with a SQL injection in /edit_contestant.php via the contestant_id parameter. A remote attacker can exploit this, and public exploits exist. Root cause is lack of validation of externally provided SQL statements in that paramet...

8.8CVSS6.5AI score0.00396EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2025/10/27 9:15 a.m.3 views

CVE-2025-12255

A security flaw has been discovered in code-projects Online Event Judging System 1.0. This affects an unknown part of the file /addcontestant.php. Performing manipulation of the argument fullname results in sql injection. Remote exploitation of the attack is possible. The exploit has been release...

8.8CVSS5.7AI score0.00299EPSS
Exploits1References5
CVE
CVE
added 2025/10/27 9:2 a.m.9 views

CVE-2025-12255

CVE-2025-12255 affects code-projects Online Event Judging System 1.0. A SQL injection flaw originates from the lack of validation of the fullname parameter in /add_contestant.php. The vulnerability allows remote execution of arbitrary SQL commands and may lead to data theft or modification; an ex...

8.8CVSS6.5AI score0.00299EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2025/10/27 9:2 a.m.3 views

CVE-2025-12254 code-projects Online Event Judging System add_judge.php sql injection

A vulnerability was identified in code-projects Online Event Judging System 1.0. Affected by this issue is some unknown functionality of the file /addjudge.php. Such manipulation of the argument fullname leads to sql injection. The attack may be launched remotely. The exploit is publicly availabl...

6.5CVSS6.4AI score0.00299EPSS
Exploits1References5
CVE
CVE
added 2025/10/27 8:32 a.m.11 views

CVE-2025-12252

Summary: Multiple sources confirm a SQL injection in Code-Projects Online Event Judging System 1.0, arising from /ajax/action.php via manipulation of the content parameter. This is an externally exploitable, remote flaw with public exploit presence. Concrete details across CNVD-2025-26165, RH-CVE...

8.8CVSS6.7AI score0.00299EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.4 views

Code-Projects Online Event Judging System SQL注入漏洞

Online Event Judging System is an online event judging system. Online Event Judging System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter judgeid in the file /editjudge.php. An attacker can exploit this...

8.8CVSS8.2AI score0.00304EPSS
Exploits1References5
CNVD
CNVD
added 2025/09/10 12:0 a.m.2 views

Online Event Judging System index.php File SQL Injection Vulnerability

Online Event Judging System is an online event judging system. The Online Event Judging System suffers from a SQL injection vulnerability that originates from the /index.php file not securely filtering the Username parameter. An attacker can exploit this vulnerability by constructing a malicious...

9.8CVSS8.4AI score0.00441EPSS
Exploits1References1
OSV
OSV
added 2025/09/08 7:15 p.m.5 views

CVE-2025-10102

A security flaw has been discovered in code-projects Online Event Judging System 1.0. This affects an unknown function of the file /index.php. Performing manipulation of the argument Username results in sql injection. The attack is possible to be carried out remotely. The exploit has been release...

9.8CVSS5.7AI score0.00441EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/09/08 12:0 a.m.5 views

PT-2025-36496

Name of the Vulnerable Software and Affected Versions: code-projects Online Event Judging System version 1.0 Description: A security flaw exists in code-projects Online Event Judging System 1.0. The issue affects an unknown function within the /index.php file. Manipulation of the Username paramet...

9.8CVSS7.4AI score0.00441EPSS
Exploits1References12
RedhatCVE
RedhatCVE
added 2025/08/31 3:42 a.m.5 views

CVE-2025-9610

A vulnerability was determined in code-projects Online Event Judging System 1.0. This issue affects some unknown processing of the file /createaccount.php. This manipulation of the argument fname causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicl...

9.8CVSS7.3AI score0.00384EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/08/29 12:0 a.m.3 views

Code-Projects Online Event Judging System 安全漏洞

Online Event Judging System is an online event judging system. Online Event Judging System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter fname in the file /createaccount.php. The vulnerability can be...

9.8CVSS8.2AI score0.00384EPSS
Exploits1References6
CVE
CVE
added 2024/10/17 2:24 p.m.38 views

CVE-2024-48920

PutongOJ (Putong Online Judge) prior to version 2.1.0-beta.1 is affected. Unprivileged users can escalate privileges by constructing requests, enabling admin-level operations and potentially exposing sensitive data and compromising system integrity. The issue has been fixed in v2.1.0.beta.1. A ma...

9.1CVSS9.3AI score0.00453EPSS
Exploits0References3
OSV
OSV
added 2024/10/17 2:24 p.m.12 views

CVE-2024-48920 PutongOJ: unprivileged users can escalate privileges by constructing requests

PutongOJ is online judging software. Prior to version 2.1.0-beta.1, unprivileged users can escalate privileges by constructing requests. This can lead to unauthorized access, enabling users to perform admin-level operations, potentially compromising sensitive data and system integrity. This probl...

9.1CVSS7AI score0.00453EPSS
Exploits0References5
Rows per page
Query Builder