CVE-2023-45120 – Online Examination System v1.0 - Multiple Authenticated SQL Injections (SQLi)
https://notcve.org/view.php?id=CVE-2023-45120
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'qid' parameter of the /update.php?q=quiz&step=2 resource does not validate the characters received and they are sent unfiltered to the database. Online Examination System v1.0 es afectado por múltiples vulnerabilidades de inyección SQL autenticadas. El parámetro 'qid' del recurso update.php no valida los caracteres recibidos y se envían sin filtrar a la base de datos. • https://fluidattacks.com/advisories/argerich https://projectworlds.in • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2023-45119 – Online Examination System v1.0 - Multiple Authenticated SQL Injections (SQLi)
https://notcve.org/view.php?id=CVE-2023-45119
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'n' parameter of the /update.php?q=quiz resource does not validate the characters received and they are sent unfiltered to the database. Online Examination System v1.0 es afectado por múltiples vulnerabilidades de inyección SQL autenticadas. El parámetro 'n' del recurso update.php no valida los caracteres recibidos y se envían sin filtrar a la base de datos. • https://fluidattacks.com/advisories/argerich https://projectworlds.in • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2023-45118 – Online Examination System v1.0 - Multiple Authenticated SQL Injections (SQLi)
https://notcve.org/view.php?id=CVE-2023-45118
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'fdid' parameter of the /update.php resource does not validate the characters received and they are sent unfiltered to the database. Online Examination System v1.0 es afectado por múltiples vulnerabilidades de inyección SQL autenticadas. El parámetro 'fdid' del recurso update.php no valida los caracteres recibidos y se envían sin filtrar a la base de datos. • https://fluidattacks.com/advisories/argerich https://projectworlds.in • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2023-45117 – Online Examination System v1.0 - Multiple Authenticated SQL Injections (SQLi)
https://notcve.org/view.php?id=CVE-2023-45117
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'eid' parameter of the /update.php?q=rmquiz resource does not validate the characters received and they are sent unfiltered to the database. Online Examination System v1.0 es afectado por múltiples vulnerabilidades de inyección SQL autenticadas. El parámetro 'eid' del recurso update.php no valida los caracteres recibidos y se envían sin filtrar a la base de datos. • https://fluidattacks.com/advisories/argerich https://projectworlds.in • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2023-45116 – Online Examination System v1.0 - Multiple Authenticated SQL Injections (SQLi)
https://notcve.org/view.php?id=CVE-2023-45116
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'demail' parameter of the /update.php resource does not validate the characters received and they are sent unfiltered to the database. Online Examination System v1.0 es afectado por múltiples vulnerabilidades de inyección SQL autenticadas. El parámetro 'demail' del recurso update.php no valida los caracteres recibidos y se envían sin filtrar a la base de datos. • https://fluidattacks.com/advisories/argerich https://projectworlds.in • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •