CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-30016
https://notcve.org/view.php?id=CVE-2023-30016
SQL Injection vulnerability in oretnom23 Judging Management System v1.0, allows remote attackers to execute arbitrary code and obtain sensitive information via sub_event_id parameter in sub_event_details_edit.php. Vulnerabilidad de inyección SQL en oretnom23 Judging Management System v1.0, permite a atacantes remotos ejecutar código arbitrario y obtener información confidencial a través del parámetro sub_event_id en sub_event_details_edit.php. • https://github.com/Pings1031/cve_report/blob/main/judging-management-system/SQLi-2.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-30014
https://notcve.org/view.php?id=CVE-2023-30014
SQL Injection vulnerability in oretnom23 Judging Management System v1.0, allows remote attackers to execute arbitrary code and obtain sensitive information via sub_event_id parameter in sub_event_stat_update.php. Vulnerabilidad de inyección SQL en oretnom23 Judging Management System v1.0, permite a atacantes remotos ejecutar código arbitrario y obtener información confidencial a través del parámetro sub_event_id en sub_event_stat_update.php. • https://github.com/Pings1031/cve_report/blob/main/judging-management-system/SQLi-1.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-30015
https://notcve.org/view.php?id=CVE-2023-30015
SQL Injection vulnerability in oretnom23 Judging Management System v1.0, allows remote attackers to execute arbitrary code and obtain sensitive information via txtsearch parameter in review_search.php. Vulnerabilidad de inyección SQL en oretnom23 Judging Management System v1.0, permite a atacantes remotos ejecutar código arbitrario y obtener información confidencial a través del parámetro txtsearch en review_search.php. • https://github.com/Pings1031/cve_report/blob/main/judging-management-system/SQLi-3.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •