Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
projectworlds online examination system 1.0 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-46307
An SQL Injection vulnerability exists in Projectworlds Online Examination System 1.0 via the eid parameter in account.php.
Projectworlds Online Examination System 1.0
6.1
CVSSv3
CVE-2023-45201
Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the admin.php resource allows an malicious user to redirect a victim user to an arbitrary web site using a crafted URL.
Projectworlds Online Examination System 1.0
6.1
CVSSv3
CVE-2023-45202
Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the feed.php resource allows an malicious user to redirect a victim user to an arbitrary web site using a crafted URL.
Projectworlds Online Examination System 1.0
6.1
CVSSv3
CVE-2023-45203
Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the login.php resource allows an malicious user to redirect a victim user to an arbitrary web site using a crafted URL.
Projectworlds Online Examination System 1.0
8.8
CVSSv3
CVE-2023-45115
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'ch' parameter of the /update.php?q=addqns resource does not validate the characters received and they are sent unfiltered to the database.
Projectworlds Online Examination System 1.0
8.8
CVSSv3
CVE-2023-45116
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'demail' parameter of the /update.php resource does not validate the characters received and they are sent unfiltered to the database.
Projectworlds Online Examination System 1.0
8.8
CVSSv3
CVE-2023-45117
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'eid' parameter of the /update.php?q=rmquiz resource does not validate the characters received and they are sent unfiltered to the database.
Projectworlds Online Examination System 1.0
8.8
CVSSv3
CVE-2023-45118
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'fdid' parameter of the /update.php resource does not validate the characters received and they are sent unfiltered to the database.
Projectworlds Online Examination System 1.0
8.8
CVSSv3
CVE-2023-45119
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'n' parameter of the /update.php?q=quiz resource does not validate the characters received and they are sent unfiltered to the database.
Projectworlds Online Examination System 1.0
8.8
CVSSv3
CVE-2023-45120
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'qid' parameter of the /update.php?q=quiz&step=2 resource does not validate the characters received and they are sent unfiltered to the database.
Projectworlds Online Examination System 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »