projectworlds online_examination_system CVE Vulnerabilities (16)

CVEs: 16 CPE versions: View versions table

Summary

This page lists publicly disclosed CVE vulnerabilities affecting projectworlds online_examination_system (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.

Showing 116 of 16 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2025-4706 A vulnerability was found in projectworlds Online Examination System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /Procedure3b_yearwiseVisit.php. The manipulation of the argument Visit_year leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. [email protected] 6.9 0.42% 2025-05-15 2026-06-17
CVE-2025-4058 A vulnerability classified as critical has been found in Projectworlds Online Examination System 1.0. This affects an unknown part of the file /Bloodgroop_process.php. The manipulation of the argument Pat_BloodGroup1 leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. [email protected] 6.9 0.42% 2025-04-29 2026-06-17
CVE-2025-4034 A vulnerability classified as critical was found in projectworlds Online Examination System 1.0. Affected by this vulnerability is an unknown functionality of the file /inser_doc_process.php. The manipulation of the argument Doc_ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. [email protected] 6.9 0.41% 2025-04-28 2026-06-17
CVE-2024-42843 Projectworlds Online Examination System v1.0 is vulnerable to SQL Injection via the subject parameter in feed.php. [email protected] 9.8 0.62% 2024-08-15 2026-06-17
CVE-2023-45121 Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'desc' parameter of the /update.php?q=addquiz resource does not validate the characters received and they are sent unfiltered to the database. [email protected] 8.8 0.67% 2023-12-21 2026-06-17
CVE-2023-45120 Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'qid' parameter of the /update.php?q=quiz&step=2 resource does not validate the characters received and they are sent unfiltered to the database. [email protected] 8.8 0.65% 2023-12-21 2026-06-17
CVE-2023-45119 Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'n' parameter of the /update.php?q=quiz resource does not validate the characters received and they are sent unfiltered to the database. [email protected] 8.8 0.67% 2023-12-21 2026-06-17
CVE-2023-45118 Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'fdid' parameter of the /update.php resource does not validate the characters received and they are sent unfiltered to the database. [email protected] 8.8 0.67% 2023-12-21 2026-06-17
CVE-2023-45117 Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'eid' parameter of the /update.php?q=rmquiz resource does not validate the characters received and they are sent unfiltered to the database. [email protected] 8.8 0.51% 2023-12-21 2026-06-17
CVE-2023-45116 Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'demail' parameter of the /update.php resource does not validate the characters received and they are sent unfiltered to the database. [email protected] 8.8 0.67% 2023-12-21 2026-06-17
CVE-2023-45115 Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'ch' parameter of the /update.php?q=addqns resource does not validate the characters received and they are sent unfiltered to the database. [email protected] 8.8 0.67% 2023-12-21 2026-06-17
CVE-2023-45203 Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the login.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL. [email protected] 6.1 0.41% 2023-11-01 2026-06-17
CVE-2023-45202 Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the feed.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL. [email protected] 6.1 0.41% 2023-11-01 2026-06-17
CVE-2023-45201 Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the admin.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL. [email protected] 6.1 0.39% 2023-11-01 2026-06-17
CVE-2022-42066 Online Examination System version 1.0 suffers from a cross site scripting vulnerability via index.php. [email protected] 6.1 0.55% 2022-10-14 2026-06-17
CVE-2021-46307 An SQL Injection vulnerability exists in Projectworlds Online Examination System 1.0 via the eid parameter in account.php. [email protected] 9.8 1.56% 2022-01-21 2026-06-17
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence