CVE-2026-6573 PHPEMS Instant Exam Creation exams.master.php temppage server-side request forgery

A vulnerability was detected in PHPEMS 11.0. This affects the function temppage of the file /app/exam/controller/exams.master.php of the component Instant Exam Creation Handler. The manipulation of the argument uploadfile results in server-side request forgery. The attack can be executed remotely...

CVE-2026-6573 PHPEMS Instant Exam Creation exams.master.php temppage server-side request forgery

A vulnerability was detected in PHPEMS 11.0. This affects the function temppage of the file /app/exam/controller/exams.master.php of the component Instant Exam Creation Handler. The manipulation of the argument uploadfile results in server-side request forgery. The attack can be executed remotely...

PHPEMS 竞争条件问题漏洞

PHPEMS is a PHP online practice exam system. A competitive condition issue vulnerability exists in PHPEMS version 11.0 and earlier, which stems from a competitive condition in the component Purchase Request Handler that could lead to a competitive condition attack...

File upload vulnerability in PHPEMS frontend swfupload.api.php page

PHPEMS PHP Exam Management System online mock exam system based on PHP + Mysql development, is an open source and free PHP paperless mock exam system. PHPEMS front swfupload.api.php page file upload vulnerability. The vulnerability is caused by the program does not validate the uploaded file , a...