Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-40479 | 1 Jayesh | 1 Online Exam System | 2025-11-19 | N/A | 8.1 HIGH |
| A SQL injection vulnerability in "/admin/quizquestion.php" in Kashipara Online Exam System v1.0 allows remote attackers to execute arbitrary SQL commands via the "eid" parameter. | |||||
| CVE-2024-40480 | 1 Jayesh | 1 Online Exam System | 2025-03-14 | N/A | 9.8 CRITICAL |
| A Broken Access Control vulnerability was found in /admin/update.php and /admin/dashboard.php in Kashipara Online Exam System v1.0, which allows remote unauthenticated attackers to view administrator dashboard and delete valid user accounts via the direct URL access. | |||||
| CVE-2024-40478 | 1 Jayesh | 1 Online Exam System | 2025-03-13 | N/A | 5.4 MEDIUM |
| A Stored Cross Site Scripting (XSS) vulnerability was found in "/admin/afeedback.php" in Kashipara Online Exam System v1.0, which allows remote attackers to execute arbitrary code via "rname" and "email" parameter fields | |||||