In Simple Exam Reviewer Management System v1.0 the User List function has improper access control that allows low privileged users to modify user permissions to higher privileges.
6.5CVSS
6.3AI Score
0.001EPSS
In Simple Exam Reviewer Management System v1.0 the User List function suffers from insecure file upload.
8.8CVSS
8.6AI Score
0.001EPSS
Simple Exam Reviewer Management System v1.0 is vulnerable to Cross Site Request Forgery (CSRF) via the Exam List.
8.8CVSS
8.7AI Score
0.002EPSS
Simple Exam Reviewer Management System v1.0 is vulnerable to Stored Cross Site Scripting (XSS) via the Exam List.
5.4CVSS
5.2AI Score
0.001EPSS
7.2CVSS
6.9AI Score
0.001EPSS