Skip to main content

Exam Reviewer Management System

2 CVEs product

Monthly

CVE-2022-40878 HIGH POC THREAT This Week

In Exam Reviewer Management System 1.0, an authenticated attacker can upload a web-shell php file in profile page to achieve Remote Code Execution (RCE). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP File Upload Exam Reviewer Management System
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
23.2%
CVE-2022-40877 CRITICAL POC Act Now

Exam Reviewer Management System 1.0 is vulnerable to SQL Injection via the ‘id’ parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Exam Reviewer Management System
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
1.1%
EPSS 23% CVSS 8.8
HIGH POC THREAT This Week

In Exam Reviewer Management System 1.0, an authenticated attacker can upload a web-shell php file in profile page to achieve Remote Code Execution (RCE). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP File Upload +1
NVD Exploit-DB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Exam Reviewer Management System 1.0 is vulnerable to SQL Injection via the ‘id’ parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Exam Reviewer Management System
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy