Lucene search
+L
Judging Management System ProjectJudging Management System

17 matches found

CVE
CVE
added 2023/03/22 10:31 a.m.103 views

CVE-2023-1556

SourceCodester Judging Management System 1.0 has a SQL injection vulnerability in summary_results.php triggered by manipulating the main_event_id parameter. Exploitation is possible remotely, and public disclosures exist for CVE-2023-1556 (VDB-223549). Affected function appears to be an unknown a...

9.8CVSS8.3AI score0.00743EPSS
CVE
CVE
added 2023/03/03 12:0 a.m.96 views

CVE-2023-24643

CVE-2023-24643 affects Judging Management System v1.0. The vulnerability is a SQL injection in the sid parameter of /php-jms/updateBlankTxtview.php. CVSS 3.1 base score 9.8 (CRITICAL) with NETWORK attack vector, no privileges, no user interaction required. Impact: high confidentiality, integrity,...

9.8CVSS9.7AI score0.00832EPSS
Web
CVE
CVE
added 2023/10/15 10:31 p.m.93 views

CVE-2023-5589

The CVE-2023-5589 entry concerns SourceCodester Judging Management System 1.0. The vulnerability affects the login.php file, where the password parameter can be manipulated to trigger SQL injection. Exploitation is described as remote, with public disclosures of the exploit. Impact is high/critic...

9.8CVSS8.9AI score0.0072EPSS
CVE
CVE
added 2023/05/15 12:0 a.m.91 views

CVE-2023-30245

CVE-2023-30245 affects Judging Management System v1.0. The vulnerability is a SQL injection in the crit_id parameter of edit_criteria.php due to insufficient input validation, enabling remote execution of arbitrary code. The issue is documented across multiple sources (CNVD, Red Hat, NVD, CNNVD, ...

9.8CVSS9.7AI score0.01311EPSS
CVE
CVE
added 2023/04/16 7:31 a.m.65 views

CVE-2023-2108

CVE-2023-2108 affects SourceCodester Judging Management System 1.0, with a vulnerability in the edit_contestant.php function where manipulating contestant_id enables SQL injection. The issue is exploitable remotely and has been disclosed publicly. Affected file is either edit_contestant.php or re...

9.8CVSS8.4AI score0.00613EPSS
CVE
CVE
added 2023/03/03 12:0 a.m.64 views

CVE-2023-24642

Judging Management System v1.0 is affected by a SQL injection in the sid parameter of /php-jms/updateTxtview.php (CVE-2023-24642). The vulnerability is confirmed in multiple sources in the Connected documents; CVSS v3.1 indicates a CRITICAL severity (9.8) with network access, no authentication, a...

9.8CVSS9.7AI score0.00832EPSS
Web
CVE
CVE
added 2023/02/23 12:0 a.m.62 views

CVE-2023-24317

Judging Management System 1.0 contains an arbitrary file upload vulnerability in the edit_organizer.php component. CVSSv3.1: 8.1 (HIGH) with Network attack vector, Low complexity, Privileges Required: LOW, User Interaction: NONE, Scope: UNCHANGED; Confidentiality and Integrity impacts HIGH, Avail...

8.1CVSS8.1AI score0.01387EPSS
CVE
CVE
added 2023/01/12 12:0 a.m.61 views

CVE-2022-46622

CVE-2022-46622 is an XSS vulnerability in the Judging Management System v1.0. A crafted payload injected into the firstname parameter can cause execution of arbitrary web scripts/HTML. The CVSS v3.1 vector is AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N with a base score of 6.1 (Medium) ; impact is noted ...

6.1CVSS5.8AI score0.00497EPSS
CVE
CVE
added 2023/01/12 12:0 a.m.61 views

CVE-2022-46623

CVE-2022-46623 affects Judging Management System v1.0.0, with a SQL injection vulnerability exploitable via the username parameter. The available documents consistently describe the issue as a SQL injection in the username field, but do not provide concrete details on exploited versions beyond 1....

7.8CVSS7.8AI score0.00356EPSS
CVE
CVE
added 2023/05/04 12:0 a.m.59 views

CVE-2023-30077

Judging Management System v1.0 (oretnom23) is vulnerable to SQL injection via /php-jms/review_result.php?mainevent_id=, mainevent_id. CVSS v3.1 base score 9.8 (CRITICAL) with network access, no user interaction required. The issue affects the endpoint handling the mainevent_id parameter and is de...

9.8CVSS9.8AI score0.00788EPSS
Web
CVE
CVE
added 2023/03/03 12:0 a.m.58 views

CVE-2023-24641

CVE-2023-24641 pertains to Judging Management System v1.0, where a SQL injection vulnerability exists in the updateview.php endpoint via the sid parameter. Concrete details across connected sources confirm a high-severity issue (CVSS v3.1: 9.8, CRITICAL) with network access, no user interaction, ...

9.8CVSS9.7AI score0.00832EPSS
Web
CVE
CVE
added 2023/05/04 12:0 a.m.56 views

CVE-2023-30203

CVE-2023-30203 affects Judging Management System v1.0, where a SQL injection exists via the event_id parameter in /php-jms/result_sheet.php. The vulnerability arises from unsafeguarded input handling in that endpoint, enabling an attacker to manipulate SQL queries. Documentation consistently desc...

9.8CVSS9.7AI score0.00752EPSS
Web
CVE
CVE
added 2023/05/08 12:0 a.m.51 views

CVE-2023-30018

CVE-2023-30018 affects Judging Management System v1.0. The connected records confirm a SQL Injection vulnerability in the application, exploitable via the parameter mainevent_id in /php-jms/review_se_result.php. The CVSSv3.1 metrics indicate a critical impact (base score 9.8; confidentiality, int...

9.8CVSS9.5AI score0.00752EPSS
Web
CVE
CVE
added 2023/05/03 12:0 a.m.50 views

CVE-2023-30204

Judging Management System v1.0 is affected by a SQL injection vulnerability in the judge_id parameter of /php-jms/edit_judge.php. The issue is confirmed across multiple feeds linked to CVE-2023-30204, with CVSS v3.1 scores of 9.8 (CRITICAL, NETWORK external access, no user interaction required). ...

9.8CVSS9.7AI score0.00602EPSS
Web
CVE
CVE
added 2023/05/12 12:0 a.m.50 views

CVE-2023-30246

CVE-2023-30246 affects Judging Management System v1.0. The issue is a SQL injection via the contestant_id parameter, enabling a remote attacker to execute arbitrary code. The CVSS v3.1 vector from sources indicates a CRITICAL base score (9.8) with NETWORK attack vector, LOW attack complexity, and...

9.8CVSS9.7AI score0.01311EPSS
CVE
CVE
added 2023/04/20 12:0 a.m.47 views

CVE-2023-30076

CVE-2023-30076 affects Sourcecodester Judging Management System v1.0. It is a SQL Injection vulnerability in print_judges.php (endpoint /php-jms/print_judges.php?print_judges.php=&se_name=&sub_event_id=). Underlying issue is unsafely constructed SQL in the affected script. Impact is rated high ac...

9.8CVSS9.7AI score0.00752EPSS
Web
CVE
CVE
added 2023/08/08 12:0 a.m.41 views

CVE-2023-37682

Judging Management System v1.0 contains an SQL injection in /php-jms/deductScores.php triggered by the id parameter due to insufficient input validation. Public sources (CNVD, Red Hat, NVD and others) describe that this allows arbitrary SQL execution and potential access to sensitive database dat...

9.8CVSS9.8AI score0.00574EPSS
Web