Project: Faculty Evaluation System

14 matches found

CVE
added 2023/05/26 12:0 a.m., 166 views

CVE-2023-33440

CVE-2023-33440 affects Sourcecodester Faculty Evaluation System v1.0. The vulnerability is an arbitrary code execution via the endpoint /eval/ajax.php?action=save_user. CVSS v3.1 metrics indicate HIGH severity (7.2) with NETWORK attack vector, low complexity, and no user interaction required, gra...

CVSS 7.2, AI score 7.3, EPSS 0.90444
Web
CVE
added 2023/05/26 12:0 a.m., 160 views

CVE-2023-33439

Summary of CVE-2023-33439: Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection through the endpoint /eval/admin/manage_task.php?id=. The connected nuclei template confirms the vulnerable component/parameter and notes a high-severity impact: arbitrary SQL execution that c...

CVSS 7.2, AI score 7.3, EPSS 0.52577
Web
CVE
added 2023/06/06 12:0 a.m., 147 views

CVE-2023-33569

CVE-2023-33569 affects Sourcecodester Faculty Evaluation System v1.0. The vulnerability is an arbitrary code execution via the endpoint ip/eval/ajax.php?action=update_user (or update user per sources). Affected component is the eval/ajax handler; root cause is not detailed beyond code execution r...

CVSS 7.2, AI score 7.3, EPSS 0.00281
Web
CVE
added 2023/04/28 12:0 p.m., 55 views

CVE-2023-2366

CVE-2023-2366 concerns a SQL injection in SourceCodester Faculty Evaluation System 1.0, exploited via the function in file ajax.php?action=delete_class where the attacker can manipulate the id parameter. Multiple sources report remote exploitation with high impact, including potential disclosure ...

CVSS 9.8, AI score 8.2, EPSS 0.00282
CVE
added 2023/04/28 12:31 p.m., 50 views

CVE-2023-2368

CVE-2023-2368 describes a SQL injection vulnerability in SourceCodester Faculty Evaluation System 1.0, affecting the file index.php?page=manage_questionnaire where the id parameter is manipulable. Multiple connected sources confirm remote exploitation potential and public disclosure of the exploi...

CVSS 9.8, AI score 7.4, EPSS 0.00274
CVE
added 2023/05/15 12:0 a.m., 48 views

CVE-2023-31843

CVE-2023-31843 affects Sourcecodester Faculty Evaluation System v1.0, where the vulnerability is a SQL injection in the endpoint /eval/admin/view_faculty.php?id= (input parameter). The Red Hat/CNVD/CNNVD and other connected records confirm the same flaw across multiple sources. The underlying iss...

CVSS 7.2, AI score 7.3, EPSS 0.0026
Web
CVE
added 2023/05/29 2:0 p.m., 47 views

CVE-2023-2962

The CVE-2023-2962 issue affects SourceCodester Faculty Evaluation System 1.0, specifically the file index.php?page=edit_user. The root cause is improper handling of the id parameter, enabling SQL injection that can be triggered remotely. Multiple connected sources corroborate a critical vulnerabi...

CVSS 9.8, AI score 7.3, EPSS 0.00071
CVE
added 2023/04/28 12:31 p.m., 46 views

CVE-2023-2367

CVE-2023-2367 affects SourceCodester Faculty Evaluation System 1.0. The vulnerability is an SQL injection in the /admin/manage_academic.php file via the id parameter. This can be exploited remotely and, according to sources, the exploit has been disclosed publicly. Multiple feeds (NVD, Red Hat, C...

CVSS 9.8, AI score 7.4, EPSS 0.00311
Web
CVE
added 2023/05/15 12:0 a.m., 46 views

CVE-2023-31844

CVE-2023-31844 affects Sourcecodester Faculty Evaluation System v1.0. The vulnerability is an SQL Injection in /eval/admin/manage_subject.php?id=, as reported across multiple sources (NVD, Red Hat, CNNVD, CVE records). CVSS v3.1: Base score 7.2 (HIGH), vectors: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H...

CVSS 7.2, AI score 7.4, EPSS 0.0026
Web
CVE
added 2023/05/15 12:0 a.m., 45 views

CVE-2023-31845

CVE-2023-31845 affects Sourcecodester Faculty Evaluation System v1.0. The vulnerability is a SQL Injection in the endpoint /eval/admin/manage_class.php?id= (unsanitized id parameter). The CVSS 3.1 vector indicates a NETWORK attack, with PR:High, UI:None, and impact on all three security goals (...

CVSS 7.2, AI score 7.4, EPSS 0.0026
Web
CVE
added 2023/05/15 12:0 a.m., 43 views

CVE-2023-31842

CVE-2023-31842 affects Sourcecodester Faculty Evaluation System v1.0. The vulnerability is an SQL Injection in the endpoint /eval/index.php?page=edit_faculty&id=, allowing injection via that parameter. The Red Hat/NVD entries corroborate the same issue. CVSSv3.1 metrics indicate a High impact (C...

CVSS 7.2, AI score 7.4, EPSS 0.0026
Web
CVE
added 2023/08/01 12:0 a.m., 43 views

CVE-2023-36118

CVE-2023-36118 is a Cross Site Scripting vulnerability affecting Faculty Evaluation System v1.0 (PHP/MySQLi). The flaw occurs in the page parameter, allowing a crafted payload to execute arbitrary code in the user’s browser. No official patch/version fixes are documented in the provided sources; ...

CVSS 5.4, AI score 5.7, EPSS 0.00232
CVE
added 2023/04/28 1:0 p.m., 41 views

CVE-2023-2369

CVE-2023-2369 affects SourceCodester Faculty Evaluation System 1.0. A vulnerability exists in the admin/manage_restriction.php endpoint where the manipulation of the id argument enables SQL injection. The issue can be exploited remotely and, according to multiple sources, the exploit is public. S...

CVSS 9.8, AI score 6.2, EPSS 0.00311
Web
CVE
added 2023/04/28 11:31 a.m., 39 views

CVE-2023-2365

CVE-2023-2365 affects SourceCodester Faculty Evaluation System 1.0. The vulnerability is a SQL injection in the file ajax.php?action=delete_subject, triggered by manipulating the id argument. Many connected sources confirm remote exploitation and classify the issue as critical/high impact on conf...

CVSS 9.8, AI score 8.3, EPSS 0.00291