Security Advisory

CVE-2023-45115

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-12-21 15:36:52

Last updated 2025-05-21 14:10:51

Assigner Fluid Attacks

State PUBLISHED

Description

Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The ch parameter of the /update.php?q=addqns resource does not validate the characters received and they are sent unfiltered to the database.

← Browse all CVEs View on cve.org ↗