Known Vulnerabilities
CVE-2024-42843
Projectworlds Online Examination System v1.0 is vulnerable to SQL Injection via the subject parameter in feed.php.
CRITICAL
CVSS 9.8
Published Aug 15, 2024
CVE-2023-45116
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'demail' parameter of the /update.php resource does not validate the characters received and they are sent unfiltered to the database.
HIGH
CVSS 8.8
Published Dec 21, 2023