Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Online Examination System Security Vulnerabilities - 2023

cve
cve

CVE-2023-45115

Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'ch' parameter of the /update.php?q=addqns resource does not validate the characters received and they are sent unfiltered to the database.

9.8CVSS

9.1AI Score

0.001EPSS

2023-12-21 04:15 PM
15
cve
cve

CVE-2023-45116

Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'demail' parameter of the /update.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8CVSS

9.1AI Score

0.001EPSS

2023-12-21 04:15 PM
9
cve
cve

CVE-2023-45117

Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'eid' parameter of the /update.php?q=rmquiz resource does not validate the characters received and they are sent unfiltered to the database.

9.8CVSS

9.1AI Score

0.001EPSS

2023-12-21 04:15 PM
16
cve
cve

CVE-2023-45118

Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'fdid' parameter of the /update.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8CVSS

9.1AI Score

0.001EPSS

2023-12-21 04:15 PM
17
cve
cve

CVE-2023-45119

Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'n' parameter of the /update.php?q=quiz resource does not validate the characters received and they are sent unfiltered to the database.

9.8CVSS

9.1AI Score

0.001EPSS

2023-12-21 04:15 PM
17
cve
cve

CVE-2023-45120

Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'qid' parameter of the /update.php?q=quiz&step=2 resource does not validate the characters received and they are sent unfiltered to the database.

9.8CVSS

9.1AI Score

0.001EPSS

2023-12-21 05:15 PM
16
cve
cve

CVE-2023-45121

Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'desc' parameter of the /update.php?q=addquiz resource does not validate the characters received and they are sent unfiltered to the database.

9.8CVSS

9.1AI Score

0.001EPSS

2023-12-21 05:15 PM
12
cve
cve

CVE-2023-45201

Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the admin.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL.

6.1CVSS

6.2AI Score

0.0005EPSS

2023-11-01 10:15 PM
26
cve
cve

CVE-2023-45202

Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the feed.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL.

6.1CVSS

6.2AI Score

0.0005EPSS

2023-11-01 11:15 PM
27
cve
cve

CVE-2023-45203

Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the login.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL.

6.1CVSS

6.2AI Score

0.0005EPSS

2023-11-01 11:15 PM
32