Lucene search
K
Online Examination System ProjectOnline Examination System

7 matches found

CVE
CVE
added 2023/11/02 1:42 a.m.55 views

CVE-2023-45111

Online Examination System v1.0 contains unauthenticated SQL injection vulnerabilities in feed.php, caused by improper validation/escaping of the email parameter. This vulnerability (CVE-2023-45111) is reported across multiple sources, with the weakness described as unfiltered input reaching the d...

9.8CVSS10AI score0.007EPSS
CVE
CVE
added 2020/12/09 10:18 p.m.48 views

CVE-2020-29257

CVE-2020-29257: Cross-site scripting in Online Examination System 1.0 (SourceCodester Online Examination System) via the q parameter to feedback.php. Root cause: user input in q is not properly filtered, enabling injection of JavaScript that can execute in the victim’s browser. Documented impact:...

6.1CVSS6AI score0.00692EPSS
CVE
CVE
added 2020/12/09 10:34 p.m.45 views

CVE-2020-29259

CVE-2020-29259 is a cross-site scripting (XSS) vulnerability in Online Examination System 1.0, exploitable via the subject or feedback parameter to feedback.php. The root cause is insufficient input validation/ sanitization of user-supplied data, enabling attacker-controlled script execution in t...

5.4CVSS5.3AI score0.00665EPSS
CVE
CVE
added 2023/07/07 12:0 a.m.40 views

CVE-2023-36256

CVE-2023-36256 affects The Online Examination System Project 1.0. The vulnerability is a CSRF flaw where an attacker can craft a malicious link that, when clicked by an admin, deletes a user account from the database via a URL parameter (email). This can cause data loss and does not require admin...

6.5CVSS6.5AI score0.00382EPSS
CVE
CVE
added 2021/05/24 12:41 p.m.39 views

CVE-2020-26006

Project Worlds Online Examination System 1.0 is vulnerable to Cross-Site Scripting (XSS) via account.php. Multiple sources (NVD CVE-2020-26006; CNVD/CNNVD entries) confirm an XSS vulnerability in this version, enabling injection of malicious JavaScript to execute in a user’s browser and potential...

6.1CVSS6AI score0.00685EPSS
CVE
CVE
added 2021/05/24 12:40 p.m.38 views

CVE-2020-25411

CVE-2020-25411 : Projectworlds Online Examination System 1.0 is vulnerable to Cross-Site Request Forgery (CSRF) , allowing a remote attacker to delete an existing user. Connected documents corroborate the CSRF root cause and the impact as user deletion. No concrete technical details (endpoints, p...

6.5CVSS6.4AI score0.00658EPSS
CVE
CVE
added 2020/12/09 10:22 p.m.38 views

CVE-2020-29258

CVE-2020-29258 is an XSS vulnerability in Online Examination System 1.0, exploitable via the w parameter in index.php. The affected component is the web application’s index.php handling the w query parameter, enabling attacker-supplied script to be reflected to the user. Documented impact is clie...

6.1CVSS6AI score0.00677EPSS