17 matches found
Online Event Judging System add_judge.php File SQL Injection Vulnerability
Online Event Judging System is an online event judging system. Online Event Judging System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter fullname in the file /addjudge.php. The vulnerability can be...
Online Event Judging System edit_contestant.php File SQL Injection Vulnerability
Online Event Judging System is an online event judging system. Online Event Judging System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter contestantid in the file /editcontestant.php. An attacker can...
CVE-2025-12263 code-projects Online Event Judging System edit_judge.php sql injection
A vulnerability was identified in code-projects Online Event Judging System 1.0. Affected is an unknown function of the file /editjudge.php. The manipulation of the argument judgeid leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used...
EUVD-2025-36142
A weakness has been identified in code-projects Online Event Judging System 1.0. This vulnerability affects unknown code of the file /editcontestant.php. Executing manipulation of the argument contestantid can lead to sql injection. The attack can be executed remotely. The exploit has been made...
CVE-2025-12256
CVE-2025-12256 affects code-projects Online Event Judging System 1.0, with a SQL injection in /edit_contestant.php via the contestant_id parameter. A remote attacker can exploit this, and public exploits exist. Root cause is lack of validation of externally provided SQL statements in that paramet...
CVE-2025-12255
A security flaw has been discovered in code-projects Online Event Judging System 1.0. This affects an unknown part of the file /addcontestant.php. Performing manipulation of the argument fullname results in sql injection. Remote exploitation of the attack is possible. The exploit has been release...
CVE-2025-12255
CVE-2025-12255 affects code-projects Online Event Judging System 1.0. A SQL injection flaw originates from the lack of validation of the fullname parameter in /add_contestant.php. The vulnerability allows remote execution of arbitrary SQL commands and may lead to data theft or modification; an ex...
CVE-2025-12254 code-projects Online Event Judging System add_judge.php sql injection
A vulnerability was identified in code-projects Online Event Judging System 1.0. Affected by this issue is some unknown functionality of the file /addjudge.php. Such manipulation of the argument fullname leads to sql injection. The attack may be launched remotely. The exploit is publicly availabl...
CVE-2025-12252
Summary: Multiple sources confirm a SQL injection in Code-Projects Online Event Judging System 1.0, arising from /ajax/action.php via manipulation of the content parameter. This is an externally exploitable, remote flaw with public exploit presence. Concrete details across CNVD-2025-26165, RH-CVE...
Code-Projects Online Event Judging System SQL注入漏洞
Online Event Judging System is an online event judging system. Online Event Judging System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter judgeid in the file /editjudge.php. An attacker can exploit this...
Online Event Judging System index.php File SQL Injection Vulnerability
Online Event Judging System is an online event judging system. The Online Event Judging System suffers from a SQL injection vulnerability that originates from the /index.php file not securely filtering the Username parameter. An attacker can exploit this vulnerability by constructing a malicious...
CVE-2025-10102
A security flaw has been discovered in code-projects Online Event Judging System 1.0. This affects an unknown function of the file /index.php. Performing manipulation of the argument Username results in sql injection. The attack is possible to be carried out remotely. The exploit has been release...
PT-2025-36496
Name of the Vulnerable Software and Affected Versions: code-projects Online Event Judging System version 1.0 Description: A security flaw exists in code-projects Online Event Judging System 1.0. The issue affects an unknown function within the /index.php file. Manipulation of the Username paramet...
CVE-2025-9610
A vulnerability was determined in code-projects Online Event Judging System 1.0. This issue affects some unknown processing of the file /createaccount.php. This manipulation of the argument fname causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicl...
Code-Projects Online Event Judging System 安全漏洞
Online Event Judging System is an online event judging system. Online Event Judging System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter fname in the file /createaccount.php. The vulnerability can be...
CVE-2024-48920
PutongOJ (Putong Online Judge) prior to version 2.1.0-beta.1 is affected. Unprivileged users can escalate privileges by constructing requests, enabling admin-level operations and potentially exposing sensitive data and compromising system integrity. The issue has been fixed in v2.1.0.beta.1. A ma...
CVE-2024-48920 PutongOJ: unprivileged users can escalate privileges by constructing requests
PutongOJ is online judging software. Prior to version 2.1.0-beta.1, unprivileged users can escalate privileges by constructing requests. This can lead to unauthorized access, enabling users to perform admin-level operations, potentially compromising sensitive data and system integrity. This probl...