12 matches found
CVE-2024-7367
The CVE-2024-7367 entry concerns SourceCodester Simple Realtime Quiz System 1.0. A CSRF vulnerability exists in the /ajax.php?action=save_user endpoint. The impact is described as high (confidentiality, integrity, and availability), with remote initiation possible and an exploit publicly disclose...
CVE-2024-7370
CVE-2024-7370 affects SourceCodester Simple Realtime Quiz System 1.0. Affected is an unknown function in the file /manage_quiz.php, where manipulating the id parameter leads to SQL injection. Exploitation can be performed remotely, and the exploit has been disclosed publicly (VDB-273354). Connect...
CVE-2024-7372
SourceCodester Simple RealTime Quiz System 1.0 is affected. The vulnerability is a SQL injection in /quiz_board.php triggered by the quiz parameter, allowing remote exploitation. Exploit details are publicly disclosed per CVE-2024-7372, with high impact on confidentiality, integrity, and availabi...
CVE-2024-7368
CVE-2024-7368 affects SourceCodester Simple Realtime Quiz System 1.0 in the /ajax.php?action=save_quiz endpoint. The vulnerability arises from manipulating the title parameter, enabling cross-site scripting (XSS). The issue can be exploited remotely and is publicly disclosed. Exploit details are ...
CVE-2024-7369
The CVE-2024-7369 entry concerns SourceCodester Simple Realtime Quiz System 1.0. The vulnerability is in the Login component processing the file /ajax.php?action=login, where manipulation of the username argument leads to an SQL injection. The issue is exploitable remotely and has been disclosed ...
CVE-2024-7371
SourceCodester Simple Realtime Quiz System 1.0 has a SQL injection vulnerability in /quiz_view.php triggered by manipulating the id parameter. The issue is exploitable remotely and has been publicly disclosed. Affected component is the quiz_view.php handling of the id argument; exact root cause i...
CVE-2024-7374
SourceCodester Simple Realtime Quiz System 1.0 is affected by CVE-2024-7374 due to an SQL injection in /manage_user.php caused by manipulating the id parameter. This vulnerability can be exploited remotely and does not require authentication; public exploit information is available. The CVSS metr...
CVE-2024-7378
SourceCodester Simple Realtime Quiz System 1.0 is affected by a SQL injection in the id parameter of /manage_question.php. The vulnerability allows remote exploitation and is classified as critical/medium depending on metric set; multiple sources confirm an unauthenticated or low-privilege path c...
CVE-2024-7375
CVE-2024-7375 affects SourceCodester Simple Realtime Quiz System 1.0. The vulnerability is an SQL injection in the /my_quiz_result.php handler, triggered by manipulating the quiz parameter. Attack vector is network-based with low complexity and no user interaction required; exploit could be remot...
CVE-2024-7373
CVE-2024-7373 affects SourceCodester Simple Realtime Quiz System 1.0. The /ajax.php?action=load_answered endpoint has an SQL injection vulnerability via the id parameter; exploitation can be performed remotely. The exploit has been disclosed publicly (VDB-273357). The provided connected documents...
CVE-2024-7377
SourceCodester Simple Realtime Quiz System 1.0 is affected by CVE-2024-7377 due to an SQL injection in the /view_result.php file triggered by manipulating the qid parameter. The vulnerability is exploitable remotely and has potential impact on confidentiality, integrity, and availability (per the...
CVE-2024-7376
CVE-2024-7376 affects SourceCodester Simple Realtime Quiz System 1.0. The vulnerability is an SQL injection in the id parameter of /print_quiz_records.php, allowing remote exploitation. Public exploitation is indicated. No official patch/version fix is provided in the supplied documents; some sou...