Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
projectworlds online examination system 1.0 vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-45201
Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the admin.php resource allows an malicious user to redirect a victim user to an arbitrary web site using a crafted URL.
Projectworlds Online Examination System 1.0
6.1
CVSSv3
CVE-2023-45202
Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the feed.php resource allows an malicious user to redirect a victim user to an arbitrary web site using a crafted URL.
Projectworlds Online Examination System 1.0
6.1
CVSSv3
CVE-2023-45203
Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the login.php resource allows an malicious user to redirect a victim user to an arbitrary web site using a crafted URL.
Projectworlds Online Examination System 1.0
8.8
CVSSv3
CVE-2023-45115
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'ch' parameter of the /update.php?q=addqns resource does not validate the characters received and they are sent unfiltered to the database.
Projectworlds Online Examination System 1.0
8.8
CVSSv3
CVE-2023-45116
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'demail' parameter of the /update.php resource does not validate the characters received and they are sent unfiltered to the database.
Projectworlds Online Examination System 1.0
8.8
CVSSv3
CVE-2023-45117
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'eid' parameter of the /update.php?q=rmquiz resource does not validate the characters received and they are sent unfiltered to the database.
Projectworlds Online Examination System 1.0
8.8
CVSSv3
CVE-2023-45118
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'fdid' parameter of the /update.php resource does not validate the characters received and they are sent unfiltered to the database.
Projectworlds Online Examination System 1.0
8.8
CVSSv3
CVE-2023-45119
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'n' parameter of the /update.php?q=quiz resource does not validate the characters received and they are sent unfiltered to the database.
Projectworlds Online Examination System 1.0
8.8
CVSSv3
CVE-2023-45120
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'qid' parameter of the /update.php?q=quiz&step=2 resource does not validate the characters received and they are sent unfiltered to the database.
Projectworlds Online Examination System 1.0
8.8
CVSSv3
CVE-2023-45121
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'desc' parameter of the /update.php?q=addquiz resource does not validate the characters received and they are sent unfiltered to the database.
Projectworlds Online Examination System 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »