CVE-2022-35422

CVE-2022-35422 affects Web Based Quiz System v1.0, with a SQL injection via the qid parameter in update.php. The Red/European and vendor-related entries confirm the vulnerability is in the web app and involves the qid input being used in a SQL query, leading to potential data exposure or modifica...

CVE-2022-32991

Web Based Quiz System v1.0 is vulnerable to SQL injection via the eid parameter in welcome.php due to lack of input validation. This can allow an attacker to execute arbitrary SQL and potentially steal sensitive database data. Several sources (CNVD, NVD, Red Hat, CVE records) confirm the vulnerab...

CVE-2022-44411

CVE-2022-44411 affects Web Based Quiz System v1.0, where authentication transmits passwords in plaintext, enabling password disclosure via brute-force attacks. The linked metrics indicate high confidentiality impact (C:H) with network attack vector and low attack complexity, no integrity or avail...

CVE-2021-28006

CVE-2021-28006 affects Web Based Quiz System 1.0 with a reflected/stored XSS vulnerability in the admin.php endpoint via the options parameter. The Red Hat, CNVD, NVD, and CVE records in the connected documents corroborate a cross-site scripting flaw in this component, enabling attacker-injected ...

CVE-2021-28007

CVE-2021-28007 affects Web Based Quiz System 1.0 and is a reflected/stored cross-site scripting (XSS) vulnerability in register.php via the name parameter. The vulnerability is documented across multiple sources (NVD, Red Hat, CVE listing, CNNVD) with consistent description: XSS in the register.p...