VYPR

Engineers Online Portal

by Janobe

CVEs (25)

  • CVE-2023-5277Sep 29, 2023
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in SourceCodester Engineers Online Portal 1.0. This issue affects some unknown processing of the file student_avatar.php. The manipulation of the argument change leads to unrestricted upload. The attack may be…

  • CVE-2023-5276Sep 29, 2023
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in SourceCodester Engineers Online Portal 1.0. This vulnerability affects unknown code of the file downloadable_student.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The…

  • CVE-2021-43437Dec 20, 2021
    risk 0.00cvss epss 0.01

    In sourcecodetester Engineers Online Portal as of 10-21-21, an attacker can manipulate the Host header as seen by the web application and cause the application to behave in unexpected ways. Very often multiple websites are hosted on the same IP address. This is where the Host…

  • CVE-2021-42671Nov 5, 2021
    risk 0.00cvss epss 0.20

    An incorrect access control vulnerability exists in Sourcecodester Engineers Online Portal in PHP in nia_munoz_monitoring_system/admin/uploads. An attacker can leverage this vulnerability in order to bypass access controls and access all the files uploaded to the web server…

  • CVE-2021-42664Nov 5, 2021
    risk 0.00cvss epss 0.02

    A Stored Cross Site Scripting (XSS) Vulneraibiilty exists in Sourcecodester Engineers Online Portal in PHP via the (1) Quiz title and (2) quiz description parameters to add_quiz.php. An attacker can leverage this vulnerability in order to run javascript commands on the web…

Page 2 of 2