W. W. Norton InQuizitive 跨站脚本漏洞

W. W. Norton InQuizitive is an online adaptive learning tool from W. W. Norton Company with an eTextbook and interactive videos designed to help students complete courses. A security vulnerability exists in W. W. Norton InQuizitive version 2025-04-08 and earlier, which stems from a vulnerability...

PT-2024-26781 · WordPress · The Quiz/Survey Master

Name of the Vulnerable Software and Affected Versions: The Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress versions up to, and including, 9.0.1 Description: The issue is related to SQL Injection via the question id parameter due to insufficient escaping on the user-suppli...

WordPress plugin Tutor LMS 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-1751

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to time-based SQL Injection via the questionid parameter in all versions up to, and including, 2.6.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existi...

WordPress Plugin Tutor LMS Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

Agro-School Management System SQL注入漏洞

Agro-School Management System is an agricultural school management system. A SQL injection vulnerability exists in Agro-School Management System version 1.0, which stems from a problem with the function doUpdateQuestion in the file btnfunctions.php, where manipulation of the parameter questionid...

PT-2022-25351 · WordPress · Quiz/Survey Master

Name of the Vulnerable Software and Affected Versions: Quiz and Survey Master plugin for WordPress versions up to, and including, 8.0.4 Description: The issue is related to input validation bypass via the questionid parameter. Insufficient input validation allows attackers to inject content other...

CVE-2021-42666

A SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the id parameter to quizquestion.php, which could let a malicious user extract sensitive data from the web server and in some cases use this vulnerability in order to get a remote code execution on the remot...

Engineers Online Portal SQL注入漏洞

Sourcecodester Engineers Online Portal is an open source online portal. sourcecodester Engineers Online Portal in PHP is vulnerable to SQL injection. An attacker can exploit the vulnerability to extract sensitive data from the web server via the id parameter of quizquestion.php and, in some cases...