Filtered by vendor Engineers Online Portal Project
Subscriptions
Total
23 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-42665 | 1 Engineers Online Portal Project | 1 Engineers Online Portal | 2021-11-23 | 9.8 Critical |
An SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the login form inside of index.php, which can allow an attacker to bypass authentication. | ||||
CVE-2021-42664 | 1 Engineers Online Portal Project | 1 Engineers Online Portal | 2021-11-17 | 5.4 Medium |
A Stored Cross Site Scripting (XSS) Vulneraibiilty exists in Sourcecodester Engineers Online Portal in PHP via the (1) Quiz title and (2) quiz description parameters to add_quiz.php. An attacker can leverage this vulnerability in order to run javascript commands on the web server surfers behalf, which can lead to cookie stealing and more. | ||||
CVE-2021-42670 | 1 Engineers Online Portal Project | 1 Engineers Online Portal | 2021-11-17 | 9.8 Critical |
A SQL injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the id parameter to the announcements_student.php web page. As a result a malicious user can extract sensitive data from the web server and in some cases use this vulnerability in order to get a remote code execution on the remote web server. |