80 matches found
CVE-2026-6573
A vulnerability was detected in PHPEMS 11.0. This affects the function temppage of the file /app/exam/controller/exams.master.php of the component Instant Exam Creation Handler. The manipulation of the argument uploadfile results in server-side request forgery. The attack can be executed remotely...
EUVD-2026-23703
A vulnerability was detected in PHPEMS 11.0. This affects the function temppage of the file /app/exam/controller/exams.master.php of the component Instant Exam Creation Handler. The manipulation of the argument uploadfile results in server-side request forgery. The attack can be executed remotely...
CVE-2026-6573
A vulnerability was detected in PHPEMS 11.0. This affects the function temppage of the file /app/exam/controller/exams.master.php of the component Instant Exam Creation Handler. The manipulation of the argument uploadfile results in server-side request forgery. The attack can be executed remotely...
CVE-2026-6573
PHPEMS 11.0 is affected via the Instant Exam Creation Handler in /app/exam/controller/exams.master.php, function temppage. Manipulating the uploadfile argument triggers a server-side request forgery (SSRF). Exploitation is publicly available and may be used remotely. No remediation details are pr...
CVE-2026-3946
A vulnerability was detected in PHPEMS 11.0. The affected element is an unknown function of the file /index.php?ask=app-ask. Performing a manipulation of the argument askcontent results in cross site scripting. The attack is possible to be carried out remotely. The exploit is now public and may b...
EUVD-2026-11174
A vulnerability was detected in PHPEMS 11.0. The affected element is an unknown function of the file /index.php?ask=app-ask. Performing a manipulation of the argument askcontent results in cross site scripting. The attack is possible to be carried out remotely. The exploit is now public and may b...
CVE-2026-3946
A vulnerability was detected in PHPEMS 11.0. The affected element is an unknown function of the file /index.php?ask=app-ask. Performing a manipulation of the argument askcontent results in cross site scripting. The attack is possible to be carried out remotely. The exploit is now public and may b...
CVE-2026-3946 PHPEMS index.php cross site scripting
A vulnerability was detected in PHPEMS 11.0. The affected element is an unknown function of the file /index.php?ask=app-ask. Performing a manipulation of the argument askcontent results in cross site scripting. The attack is possible to be carried out remotely. The exploit is now public and may b...
CVE-2026-3946 PHPEMS index.php cross site scripting
A vulnerability was detected in PHPEMS 11.0. The affected element is an unknown function of the file /index.php?ask=app-ask. Performing a manipulation of the argument askcontent results in cross site scripting. The attack is possible to be carried out remotely. The exploit is now public and may b...
CVE-2026-3946
A vulnerability was detected in PHPEMS 11.0. The affected element is an unknown function of the file /index.php?ask=app-ask. Performing a manipulation of the argument askcontent results in cross site scripting. The attack is possible to be carried out remotely. The exploit is now public and may b...
CVE-2026-3946
CVE-2026-3946 affects PHPEMS 11.0. The vulnerability is in an unknown function of the file /index.php?ask=app-ask, where manipulation of the askcontent argument yields cross-site scripting. This can be exploited remotely; the exploit is public. The provided data does not specify a fixed version, ...
PHPEMS 代码注入漏洞
PHPEMS is an open-source PHP online simulation exam system developed by PHPEMS. Version 11.0 of PHPEMS contains a code injection vulnerability, which stems from incorrect handling of the parameter askcontent in the file /file/index.php?ask=app-ask. This vulnerability may lead to cross-site...
PT-2026-24695
A vulnerability was detected in PHPEMS 11.0. The affected element is an unknown function of the file /index.php?ask=app-ask. Performing a manipulation of the argument askcontent results in cross site scripting. The attack is possible to be carried out remotely. The exploit is now public and may b...
CVE-2025-15405
A vulnerability was detected in PHPEMS up to 11.0. The impacted element is an unknown function. The manipulation results in cross-site request forgery. The attack may be launched remotely...
CVE-2025-15405
A vulnerability was detected in PHPEMS up to 11.0. The impacted element is an unknown function. The manipulation results in cross-site request forgery. The attack may be launched remotely...
CVE-2025-15405
A vulnerability was detected in PHPEMS up to 11.0. The impacted element is an unknown function. The manipulation results in cross-site request forgery. The attack may be launched remotely...
EUVD-2026-0017
A vulnerability was detected in PHPEMS up to 11.0. The impacted element is an unknown function. The manipulation results in cross-site request forgery. The attack may be launched remotely...
CVE-2025-15405 PHPEMS cross-site request forgery
A vulnerability was detected in PHPEMS up to 11.0. The impacted element is an unknown function. The manipulation results in cross-site request forgery. The attack may be launched remotely...
CVE-2025-15405 PHPEMS cross-site request forgery
A vulnerability was detected in PHPEMS up to 11.0. The impacted element is an unknown function. The manipulation results in cross-site request forgery. The attack may be launched remotely...
PHPEMS 安全漏洞
PHPEMS is a PHP online practice exam system from PHPEMS open source. A security vulnerability exists in PHPEMS 11.0 and earlier versions, which stems from vulnerability to cross-site request forgery attacks...