7 matches found
CVE-2022-2679
SourceCodester Interview Management System 1.0 exposes a SQL injection in /viewReport.php via the id parameter (payload shown as UPDATEXML(9729,CONCAT(0x2e,0x716b707071,(SELECT (ELT(9729=9729,1))),0x7162766a71),7319)). The vulnerability is remotely exploitable and was disclosed publicly. Affected...
CVE-2022-2685
CVE-2022-2685 affects SourceCodester Interview Management System 1.0. The vulnerability is a cross-site scripting (XSS) flaw in the /addQuestion.php handler, where the question parameter can be manipulated (example input: ). Exploitation is reported as remote. Connected sources confirm the issue i...
CVE-2022-38255
CVE-2022-38255 concerns Interview Management System v1.0. The vulnerability is a SQL injection in the id parameter of /interview/editQuestion.php. Root cause: unsanitized user input enabling arbitrary SQL execution. Reported by multiple sources (NVD/Red Hat/CVE lists and third-party embeds) with ...
CVE-2022-38260
CVE-2022-38260 affects Interview Management System v1.0. A SQL injection exists in the component /interview/delete.php, exploitable via the query parameters action and id (e.g., /interview/delete.php?action=questiondelete&id=). The issue is confirmed across multiple sources in the connected docum...
CVE-2022-38576
Interview Management System v1.0 is affected by a SQL injection in the /interview/delete.php?action=deletecand&id= endpoint. The root cause is unsanitized input in the deletecand/id parameter leading to SQL injection, with CVSS details indicating a high impact on confidentiality, integrity, and a...
CVE-2025-12939
CVE-2025-12939 affects SourceCodester Interview Management System (up to 1.0). The vulnerability is an SQL injection in the file /addCandidate.php caused by manipulation of the candName parameter. It is exploitable remotely and an exploit has been publicly released. The known impact, per referenc...
CVE-2025-13343
CVE-2025-13343 concerns SourceCodester Interview Management System 1.0. Affected component: the function in /editQuestion.php that handles the Question parameter. Manipulating this input results in cross-site scripting (XSS) and can be exploited remotely. Multiple sources confirm the issu...