CVE-2024-2945

A vulnerability was found in Campcodes Online Examination System 1.0. It has been classified as critical. Affected is an unknown function of the file /adminpanel/admin/facebox_modal/updateExaminee.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack r...

CVE-2024-2939

A vulnerability classified as problematic has been found in Campcodes Online Examination System 1.0. Affected is an unknown function of the file /adminpanel/admin/facebox_modal/updateExaminee.php. The manipulation of the argument id leads to cross site scripting. It is possible to launch the attack...

CVE-2020-29257

Cross-site scripting (XSS) vulnerability in Online Examination System 1.0 via the q parameter to feedback.php.

CVE-2020-26006

Project Worlds Online Examination System 1.0 is affected by Cross Site Scripting (XSS) via account.php.

CVE-2020-29258

Cross-site scripting (XSS) vulnerability in Online Examination System 1.0 via the w parameter to index.php.

CVE-2020-25411

Projectworlds Online Examination System 1.0 is vulnerable to CSRF, which allows a remote attacker to delete the existing user.

CVE-2023-36256

The Online Examination System Project 1.0 version is vulnerable to Cross-Site Request Forgery (CSRF) attacks. An attacker can craft a malicious link that, when clicked by an admin user, will delete a user account from the database without the admin's consent. The email of the user to be deleted is ...