Lucene search
K
CampcodesOnline Examination System

16 matches found

CVE
CVE
added 2024/03/27 2:0 a.m.72 views

CVE-2024-2942

CVE-2024-2942 affects Campcodes Online Examination System 1.0, leveraging SQL injection via the id parameter in /adminpanel/admin/query/deleteQuestionExe.php. Multiple connected sources confirm remote exploitation potential and that the vulnerability stems from unsanitized input in deleteQuestion...

6.5CVSS6.8AI score0.00512EPSS
Web
CVE
CVE
added 2024/05/15 9:31 p.m.66 views

CVE-2024-4914

The CVE-2024-4914 entry affects Campcodes Online Examination System 1.0, where the vulnerability lies in ranking-exam.php: the manipulation of the exam_id parameter enables SQL injection. This can be exploited remotely, and public disclosures exist. The connected sources confirm affected software...

9.8CVSS7.3AI score0.00675EPSS
CVE
CVE
added 2024/03/27 2:31 a.m.64 views

CVE-2024-2944

CVE-2024-2944 concerns Campcodes Online Examination System 1.0. The vulnerability is an SQL injection in the /adminpanel/admin/query/deleteCourseExe.php file, triggered by manipulating the id parameter. The issue originates from the handling of the id input, allowing remote attackers to craft req...

6.5CVSS6.8AI score0.0055EPSS
Web
CVE
CVE
added 2024/03/27 2:0 a.m.63 views

CVE-2024-2941

Campcodes Online Examination System 1.0 contains a SQL injection vulnerability in the /adminpanel/admin/query/loginExe.php loginExe.php handler. The issue arises from unsafely manipulating the pass parameter, enabling remote exploitation. Multiple connected sources confirm the vulnerability's exi...

9.8CVSS6.8AI score0.00689EPSS
CVE
CVE
added 2024/03/27 2:31 a.m.63 views

CVE-2024-2943

CVE-2024-2943 affects Campcodes Online Examination System 1.0. The vulnerability resides in the file /adminpanel/admin/query/deleteExamExe.php, where manipulating the id parameter triggers a SQL injection. Exploitation can be performed remotely and the vulnerability has been publicly disclosed. M...

6.5CVSS6.9AI score0.00512EPSS
Web
CVE
CVE
added 2024/03/27 3:0 a.m.63 views

CVE-2024-2945

CVE-2024-2945 affects Campcodes Online Examination System 1.0. The vulnerability is an SQL injection in an unknown function of /adminpanel/admin/facebox_modal/updateExaminee.php, where manipulating the id parameter enables remote exploitation. Public exploits have been disclosed. Multiple sources...

6.5CVSS6.8AI score0.00512EPSS
Web
CVE
CVE
added 2024/03/27 1:31 a.m.57 views

CVE-2024-2940

CVE-2024-2940 affects Campcodes Online Examination System 1.0. The vulnerability is a cross-site scripting in the /adminpanel/admin/facebox_modal/updateCourse.php file triggered by manipulating the id argument. It is remotely exploitable and has been publicly disclosed (VDB-258031). Public notice...

6.1CVSS3.8AI score0.00556EPSS
Web
CVE
CVE
added 2024/03/27 1:0 a.m.56 views

CVE-2024-2939

CVE-2024-2939 affects Campcodes Online Examination System 1.0. The vulnerability exists in the updateExaminee.php path (commonly reported as /adminpanel/admin/facebox_modal/updateExaminee.php or /adminpanel/admin/facebox_model/updateExaminee.php) where manipulation of the id argument enables cros...

6.1CVSS3.7AI score0.0058EPSS
Web
CVE
CVE
added 2024/03/27 1:0 a.m.54 views

CVE-2024-2938

Campcodes Online Examination System 1.0 is affected by a SQL injection in the id parameter of /adminpanel/admin/facebox_modal/updateCourse.php. The vulnerability enables remote exploitation and a public exploit exists. Affected component is the updateCourse functionality, with the root cause bein...

6.5CVSS6.8AI score0.00572EPSS
Web
CVE
CVE
added 2024/05/15 10:0 p.m.53 views

CVE-2024-4915

CVE-2024-4915 affects Campcodes Online Examination System 1.0, with the vulnerability located in the file result.php and triggered by manipulating the id argument to cause SQL injection. Descriptions across sources (NVD, CVE listings, Vuln enrichment, PT-Security) confirm remote exploitation pote...

9.8CVSS7.3AI score0.00767EPSS
CVE
CVE
added 2024/05/15 11:0 p.m.52 views

CVE-2024-4917

CVE-2024-4917 affects Campcodes Online Examination System 1.0. The vulnerability resides in submitAnswerExe.php, where manipulation of the exmne_id parameter enables an SQL injection. Exploitation is network-based and has been disclosed publicly. Multiple sources consistently describe the issue a...

9.8CVSS7.3AI score0.00615EPSS
CVE
CVE
added 2024/05/15 9:0 p.m.48 views

CVE-2024-4913

The CVE-2024-4913 entry concerns Campcodes Online Examination System version 1.0, affecting the file exam.php. The vulnerability arises from manipulation of the id argument, enabling SQL injection. Exploitation appears possible remotely and public disclosure exists. Several connected sources reit...

9.8CVSS7.5AI score0.00541EPSS
CVE
CVE
added 2024/05/15 11:31 p.m.48 views

CVE-2024-4919

CVE-2024-4919 affects Campcodes Online Examination System 1.0. The vulnerability exists in unknown code of the file /adminpanel/admin/query/addCourseExe.php where manipulating the parameter course_name leads to SQL injection . The issue can be triggered remotely and the exploit has been disclosed...

9.8CVSS7.5AI score0.00575EPSS
Web
CVE
CVE
added 2024/05/15 10:31 p.m.47 views

CVE-2024-4916

CVE-2024-4916 affects Campcodes Online Examination System 1.0. The vulnerability resides in the file selExamAttemptExe.php where manipulating the thisId parameter enables an SQL injection. Attackable remotely, with exploitation reportedly disclosed publicly. The combined disclosures across multip...

9.8CVSS7.3AI score0.00575EPSS
CVE
CVE
added 2024/05/15 11:0 p.m.45 views

CVE-2024-4918

CVE-2024-4918 affects Campcodes Online Examination System 1.0. The issue resides in the file updateQuestion.php, where manipulation of the parameter id leads to a SQL injection vulnerability. The vulnerability can be exploited remotely and has been disclosed publicly. Multiple sources corroborate...

9.8CVSS7.3AI score0.00579EPSS
CVE
CVE
added 2024/05/15 8:31 p.m.44 views

CVE-2024-4912

CVE-2024-4912 affects Campcodes Online Examination System 1.0, specifically the file addExamExe.php. The vulnerability arises from unsafe handling of the examTitle parameter, enabling SQL injection. It is described as remote-exploitable with public disclosure of the exploit. Connected documents c...

9.8CVSS7.4AI score0.00541EPSS