Product:

Online_examination_system

(Projectworlds)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 17
Date Id Summary Products Score Patch Annotated
2022-10-14 CVE-2022-42066 Online Examination System version 1.0 suffers from a cross site scripting vulnerability via index.php. Online_examination_system 6.1
2025-04-29 CVE-2025-4058 A vulnerability classified as critical has been found in Projectworlds Online Examination System 1.0. This affects an unknown part of the file /Bloodgroop_process.php. The manipulation of the argument Pat_BloodGroup1 leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Online_examination_system 9.8
2025-04-28 CVE-2025-4034 A vulnerability classified as critical was found in projectworlds Online Examination System 1.0. Affected by this vulnerability is an unknown functionality of the file /inser_doc_process.php. The manipulation of the argument Doc_ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Online_examination_system 9.8
2025-04-28 CVE-2025-4034 A vulnerability classified as critical was found in projectworlds Online Examination System 1.0. Affected by this vulnerability is an unknown functionality of the file /inser_doc_process.php. The manipulation of the argument Doc_ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Online_examination_system 9.8
2025-04-28 CVE-2025-4034 A vulnerability classified as critical was found in projectworlds Online Examination System 1.0. Affected by this vulnerability is an unknown functionality of the file /inser_doc_process.php. The manipulation of the argument Doc_ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Online_examination_system 9.8
2022-01-21 CVE-2021-46307 An SQL Injection vulnerability exists in Projectworlds Online Examination System 1.0 via the eid parameter in account.php. Online_examination_system 9.8
2023-11-01 CVE-2023-45201 Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the admin.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL. Online_examination_system N/A
2023-11-01 CVE-2023-45202 Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the feed.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL. Online_examination_system N/A
2023-11-01 CVE-2023-45203 Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the login.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL. Online_examination_system N/A
2024-08-15 CVE-2024-42843 Projectworlds Online Examination System v1.0 is vulnerable to SQL Injection via the subject parameter in feed.php. Online_examination_system 9.8