5 matches found
CVE-2022-42201
The CVE-2022-42201 entry concerns Simple Exam Reviewer Management System v1.0, vulnerable to an insecure file upload. Multiple connected sources confirm the affected software and the underlying issue is unrestricted/unsafe file upload, enabling Malicious file uploads and potentially total impact ...
CVE-2022-42198
CVE-2022-42198 affects Simple Exam Reviewer Management System v1.0. The vulnerable component is the User List function, with an insecure file upload vulnerability as the root cause. CVSSv3.1 indicates high impact to confidentiality, integrity, and availability (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H...
CVE-2022-42199
CVE-2022-42199 affects Simple Exam Reviewer Management System v1.0 and is a CSRF vulnerability via the Exam List. CVSS v3.1 base score 8.8 (HIGH) with network attack vector, no privileges, user interaction required. Exploitation and impact details are not deeply described in all sources, but Red ...
CVE-2022-42200
CVE-2022-42200 affects the Simple Exam Reviewer Management System v1.0. The vulnerability is a Stored Cross Site Scripting (XSS) in the Exam List, allowing injected scripts to execute in other users’ browsers. Public documentation in the connected sources confirms the issue and its presence in th...
CVE-2022-42197
CVE-2022-42197 affects Simple Exam Reviewer Management System v1.0, specifically the User List function. The vulnerability arises from improper access control that allows low-privileged users to modify other users’ privileges to higher levels. The available connected sources confirm the affected ...