Filtered by vendor Projectworlds Subscriptions
Filtered by product Online Examination System Subscriptions
Total 13 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-45203 1 Projectworlds 1 Online Examination System 2024-11-21 6.1 Medium
Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the login.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL.
CVE-2023-45202 1 Projectworlds 1 Online Examination System 2024-11-21 6.1 Medium
Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the feed.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL.
CVE-2023-45201 1 Projectworlds 1 Online Examination System 2024-11-21 6.1 Medium
Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the admin.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL.
CVE-2023-45121 1 Projectworlds 1 Online Examination System 2024-11-21 9.8 Critical
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'desc' parameter of the /update.php?q=addquiz resource does not validate the characters received and they are sent unfiltered to the database.
CVE-2023-45120 1 Projectworlds 1 Online Examination System 2024-11-21 9.8 Critical
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'qid' parameter of the /update.php?q=quiz&step=2 resource does not validate the characters received and they are sent unfiltered to the database.
CVE-2023-45119 1 Projectworlds 1 Online Examination System 2024-11-21 9.8 Critical
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'n' parameter of the /update.php?q=quiz resource does not validate the characters received and they are sent unfiltered to the database.
CVE-2023-45118 1 Projectworlds 1 Online Examination System 2024-11-21 9.8 Critical
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'fdid' parameter of the /update.php resource does not validate the characters received and they are sent unfiltered to the database.
CVE-2023-45117 1 Projectworlds 1 Online Examination System 2024-11-21 9.8 Critical
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'eid' parameter of the /update.php?q=rmquiz resource does not validate the characters received and they are sent unfiltered to the database.
CVE-2023-45116 1 Projectworlds 1 Online Examination System 2024-11-21 9.8 Critical
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'demail' parameter of the /update.php resource does not validate the characters received and they are sent unfiltered to the database.
CVE-2023-45115 1 Projectworlds 1 Online Examination System 2024-11-21 9.8 Critical
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'ch' parameter of the /update.php?q=addqns resource does not validate the characters received and they are sent unfiltered to the database.
CVE-2022-42066 1 Projectworlds 1 Online Examination System 2024-11-21 6.1 Medium
Online Examination System version 1.0 suffers from a cross site scripting vulnerability via index.php.
CVE-2021-46307 1 Projectworlds 1 Online Examination System 2024-11-21 9.8 Critical
An SQL Injection vulnerability exists in Projectworlds Online Examination System 1.0 via the eid parameter in account.php.
CVE-2024-42843 1 Projectworlds 1 Online Examination System 2024-08-19 9.8 Critical
Projectworlds Online Examination System v1.0 is vulnerable to SQL Injection via the subject parameter in feed.php.