Engineers Online Portal

engineers_online_portal

Vendor: Engineers Online Portal Project • 23 CVEs

CVEs (23)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-42666 1Engineers Online Portal Project 1Engineers Online Portal Nov 21, 2024 Nov 5, 2021 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 A SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the id parameter to quiz_question.php, which could let a malicious user extract sensitive data from the web server and in some cas...Show more A SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the id parameter to quiz_question.php, which could let a malicious user extract sensitive data from the web server and in some cases use this vulnerability in order to get a remote code execution on the remote web server.Show less
CVE-2021-42665 1Engineers Online Portal Project 1Engineers Online Portal Nov 21, 2024 Nov 5, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the login form inside of index.php, which can allow an attacker to bypass authentication.
CVE-2021-42664 1Engineers Online Portal Project 1Engineers Online Portal Nov 21, 2024 Nov 5, 2021 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 A Stored Cross Site Scripting (XSS) Vulneraibiilty exists in Sourcecodester Engineers Online Portal in PHP via the (1) Quiz title and (2) quiz description parameters to add_quiz.php. An attacker can leverage this vulnera...Show more A Stored Cross Site Scripting (XSS) Vulneraibiilty exists in Sourcecodester Engineers Online Portal in PHP via the (1) Quiz title and (2) quiz description parameters to add_quiz.php. An attacker can leverage this vulnerability in order to run javascript commands on the web server surfers behalf, which can lead to cookie stealing and more.Show less

Previous 12