Vulnerabilities > CVE-2023-45116 - Unspecified vulnerability in Projectworlds Online Examination System 1.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'demail' parameter of the /update.php resource does not validate the characters received and they are sent unfiltered to the database.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |