Описание
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'eid' parameter of the /update.php?q=rmquiz resource does not validate the characters received and they are sent unfiltered to the database.
Ссылки
- Issue TrackingThird Party Advisory
- Product
- Issue TrackingThird Party Advisory
- Product
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:projectworlds:online_examination_system:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 27%
0.00097
Низкий
8.8 High
CVSS3
Дефекты
CWE-89
CWE-89
Связанные уязвимости
CVSS3: 9.8
github
около 2 лет назад
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'eid' parameter of the update.php resource does not validate the characters received and they are sent unfiltered to the database.
EPSS
Процентиль: 27%
0.00097
Низкий
8.8 High
CVSS3
Дефекты
CWE-89
CWE-89