Filtered by vendor Engineers Online Portal Project Subscriptions
Filtered by product Engineers Online Portal Subscriptions
Total 23 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-42666 1 Engineers Online Portal Project 1 Engineers Online Portal 2024-11-21 8.8 High
A SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the id parameter to quiz_question.php, which could let a malicious user extract sensitive data from the web server and in some cases use this vulnerability in order to get a remote code execution on the remote web server.
CVE-2021-42665 1 Engineers Online Portal Project 1 Engineers Online Portal 2024-11-21 9.8 Critical
An SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the login form inside of index.php, which can allow an attacker to bypass authentication.
CVE-2021-42664 1 Engineers Online Portal Project 1 Engineers Online Portal 2024-11-21 5.4 Medium
A Stored Cross Site Scripting (XSS) Vulneraibiilty exists in Sourcecodester Engineers Online Portal in PHP via the (1) Quiz title and (2) quiz description parameters to add_quiz.php. An attacker can leverage this vulnerability in order to run javascript commands on the web server surfers behalf, which can lead to cookie stealing and more.