Code-Projects Online Exam Mastering System vulnerabilities
5 known vulnerabilities affecting code-projects/online_exam_mastering_system.
Total CVEs
5
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM5
Vulnerabilities
Page 1 of 1
CVE-2025-46173MEDIUMCVSS 6.1v1.02025-05-27
CVE-2025-46173 [MEDIUM] CWE-79 CVE-2025-46173: code-projects Online Exam Mastering System 1.0 is vulnerable to Cross Site Scripting (XSS) via the n
code-projects Online Exam Mastering System 1.0 is vulnerable to Cross Site Scripting (XSS) via the name field in the feedback form.
nvd
CVE-2025-28121MEDIUMCVSS 6.1PoCv1.02025-04-21
CVE-2025-28121 [MEDIUM] CWE-79 CVE-2025-28121: code-projects Online Exam Mastering System 1.0 is vulnerable to Cross Site Scripting (XSS) in feedba
code-projects Online Exam Mastering System 1.0 is vulnerable to Cross Site Scripting (XSS) in feedback.php via the "q" parameter allowing remote attackers to execute arbitrary code.
nvd
CVE-2024-12892MEDIUMCVSS 5.3v1.02024-12-22
CVE-2024-12892 [MEDIUM] CWE-79 CVE-2024-12892: A vulnerability classified as problematic was found in code-projects Online Exam Mastering System 1.
A vulnerability classified as problematic was found in code-projects Online Exam Mastering System 1.0. Affected by this vulnerability is an unknown functionality of the file /sign.php?q=account.php. The manipulation of the argument name/gender/college leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed t
cvelistv5nvd
CVE-2024-12891MEDIUMCVSS 5.3v1.02024-12-22
CVE-2024-12891 [MEDIUM] CWE-74 CVE-2024-12891: A vulnerability classified as critical has been found in code-projects Online Exam Mastering System
A vulnerability classified as critical has been found in code-projects Online Exam Mastering System 1.0. Affected is an unknown function of the file /account.php?q=quiz&step=2. The manipulation of the argument eid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
cvelistv5nvd
CVE-2024-12890MEDIUMCVSS 5.3v1.02024-12-22
CVE-2024-12890 [MEDIUM] CWE-74 CVE-2024-12890: A vulnerability was found in code-projects Online Exam Mastering System 1.0. It has been rated as cr
A vulnerability was found in code-projects Online Exam Mastering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /update.php?q=quiz&step=2. The manipulation of the argument eid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
cvelistv5nvd