Total
15 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-45121 | 1 Projectworlds | 1 Online Examination System | 2025-05-19 | N/A | 8.8 HIGH |
| Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'desc' parameter of the /update.php?q=addquiz resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-45120 | 1 Projectworlds | 1 Online Examination System | 2025-05-19 | N/A | 8.8 HIGH |
| Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'qid' parameter of the /update.php?q=quiz&step=2 resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-45119 | 1 Projectworlds | 1 Online Examination System | 2025-05-19 | N/A | 8.8 HIGH |
| Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'n' parameter of the /update.php?q=quiz resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-45118 | 1 Projectworlds | 1 Online Examination System | 2025-05-19 | N/A | 8.8 HIGH |
| Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'fdid' parameter of the /update.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-45117 | 1 Projectworlds | 1 Online Examination System | 2025-05-19 | N/A | 8.8 HIGH |
| Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'eid' parameter of the /update.php?q=rmquiz resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-45116 | 1 Projectworlds | 1 Online Examination System | 2025-05-19 | N/A | 8.8 HIGH |
| Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'demail' parameter of the /update.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-45115 | 1 Projectworlds | 1 Online Examination System | 2025-05-19 | N/A | 8.8 HIGH |
| Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'ch' parameter of the /update.php?q=addqns resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2025-4058 | 1 Projectworlds | 1 Online Examination System | 2025-05-15 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability classified as critical has been found in Projectworlds Online Examination System 1.0. This affects an unknown part of the file /Bloodgroop_process.php. The manipulation of the argument Pat_BloodGroup1 leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2022-42066 | 1 Projectworlds | 1 Online Examination System | 2025-05-14 | N/A | 6.1 MEDIUM |
| Online Examination System version 1.0 suffers from a cross site scripting vulnerability via index.php. | |||||
| CVE-2025-4034 | 1 Projectworlds | 1 Online Examination System | 2025-05-10 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability classified as critical was found in projectworlds Online Examination System 1.0. Affected by this vulnerability is an unknown functionality of the file /inser_doc_process.php. The manipulation of the argument Doc_ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2023-45203 | 1 Projectworlds | 1 Online Examination System | 2024-11-21 | N/A | 6.1 MEDIUM |
| Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the login.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL. | |||||
| CVE-2023-45202 | 1 Projectworlds | 1 Online Examination System | 2024-11-21 | N/A | 6.1 MEDIUM |
| Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the feed.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL. | |||||
| CVE-2023-45201 | 1 Projectworlds | 1 Online Examination System | 2024-11-21 | N/A | 6.1 MEDIUM |
| Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the admin.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL. | |||||
| CVE-2021-46307 | 1 Projectworlds | 1 Online Examination System | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| An SQL Injection vulnerability exists in Projectworlds Online Examination System 1.0 via the eid parameter in account.php. | |||||
| CVE-2024-42843 | 1 Projectworlds | 1 Online Examination System | 2024-08-19 | N/A | 9.8 CRITICAL |
| Projectworlds Online Examination System v1.0 is vulnerable to SQL Injection via the subject parameter in feed.php. | |||||