Online Examination System Security Vulnerabilities and Issues — Online Examination System CVE List

Lucene search

ProjectworldsOnline Examination System

10 matches found

CVE•added 2023/11/01 11:15 p.m.•41 views

CVE-2023-45203

Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the login.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL.

6.1CVSS6.3AI score0.00155EPSS

CVE•added 2023/11/01 11:15 p.m.•39 views

CVE-2023-45202

Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the feed.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL.

6.1CVSS6.3AI score0.00155EPSS

CVE•added 2023/11/01 10:15 p.m.•38 views

CVE-2023-45201

Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the admin.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL.

6.1CVSS6.2AI score0.00155EPSS

CVE•added 2023/12/21 4:15 p.m.•32 views

CVE-2023-45118

Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'fdid' parameter of the /update.php resource does not validate the characters received and they are sent unfiltered to the database.

8.8CVSS9.2AI score0.00117EPSS

CVE•added 2023/12/21 4:15 p.m.•31 views

CVE-2023-45119

Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'n' parameter of the /update.php?q=quiz resource does not validate the characters received and they are sent unfiltered to the database.

8.8CVSS9.2AI score0.00129EPSS

CVE•added 2023/12/21 4:15 p.m.•29 views

CVE-2023-45115

Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'ch' parameter of the /update.php?q=addqns resource does not validate the characters received and they are sent unfiltered to the database.

8.8CVSS9.6AI score0.00117EPSS

CVE•added 2023/12/21 4:15 p.m.•29 views

CVE-2023-45117

Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'eid' parameter of the /update.php?q=rmquiz resource does not validate the characters received and they are sent unfiltered to the database.

8.8CVSS9.2AI score0.00097EPSS

CVE•added 2023/12/21 5:15 p.m.•28 views

CVE-2023-45120

Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'qid' parameter of the /update.php?q=quiz&step=2 resource does not validate the characters received and they are sent unfiltered to the database.

8.8CVSS9.2AI score0.00116EPSS

CVE•added 2023/12/21 5:15 p.m.•26 views

CVE-2023-45121

Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'desc' parameter of the /update.php?q=addquiz resource does not validate the characters received and they are sent unfiltered to the database.

8.8CVSS9.2AI score0.00129EPSS

CVE•added 2023/12/21 4:15 p.m.•20 views

CVE-2023-45116

Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'demail' parameter of the /update.php resource does not validate the characters received and they are sent unfiltered to the database.

8.8CVSS9.2AI score0.00116EPSS