CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8328 – HWA JIUH DIGITAL TECHNOLOGY Easy test Online Learning and Testing Platform - Reflected XSS
https://notcve.org/view.php?id=CVE-2024-8328
30 Aug 2024 — Easy test Online Learning and Testing Platform from HWA JIUH DIGITAL TECHNOLOGY does not properly validate a specific page parameter, allowing remote attackers with regular privilege to inject arbitrary JavaScript code and perform Reflected Cross-site scripting attacks. • https://www.twcert.org.tw/en/cp-139-8033-0a98f-2.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-8327 – HWA JIUH DIGITAL TECHNOLOGY Easy test Online Learning and Testing Platform - SQL injection
https://notcve.org/view.php?id=CVE-2024-8327
30 Aug 2024 — Easy test Online Learning and Testing Platform from HWA JIUH DIGITAL TECHNOLOGY does not properly validate a specific page parameter, allowing remote attackers with regular privilege to inject arbitrary SQL commands to read, modify, and delete database contents. Easy test Online Learning and Testing Platform from HWA JIUH DIGITAL TECHNOLOGY does not properly validate a specific page parameter, allowing remote attackers with regular privilege to inject arbitrary SQL commands to read, modify, and delete datab... • https://www.twcert.org.tw/en/cp-139-8032-a3d5c-2.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •