Vulnerabilities > Engineers Online Portal Project > Engineers Online Portal > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-09 | CVE-2024-0349 | Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in Engineers Online Portal Project Engineers Online Portal 1.0 A vulnerability was found in SourceCodester Engineers Online Portal 1.0. | 5.3 |
| 2024-01-09 | CVE-2024-0350 | Insufficient Session Expiration vulnerability in Engineers Online Portal Project Engineers Online Portal 1.0 A vulnerability was found in SourceCodester Engineers Online Portal 1.0. | 6.5 |
| 2024-01-09 | CVE-2024-0348 | Resource Exhaustion vulnerability in Engineers Online Portal Project Engineers Online Portal 1.0 A vulnerability was found in SourceCodester Engineers Online Portal 1.0. | 6.5 |
| 2021-11-05 | CVE-2021-42666 | SQL Injection vulnerability in Engineers Online Portal Project Engineers Online Portal 1.0 A SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the id parameter to quiz_question.php, which could let a malicious user extract sensitive data from the web server and in some cases use this vulnerability in order to get a remote code execution on the remote web server. | 6.5 |
| 2021-11-05 | CVE-2021-42671 | Forced Browsing vulnerability in Engineers Online Portal Project Engineers Online Portal An incorrect access control vulnerability exists in Sourcecodester Engineers Online Portal in PHP in nia_munoz_monitoring_system/admin/uploads. | 5.0 |