Filtered by vendor Jayesh Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-40478 1 Jayesh 1 Online Exam System 2024-09-16 5.4 Medium
A Stored Cross Site Scripting (XSS) vulnerability was found in "/admin/afeedback.php" in Kashipara Online Exam System v1.0, which allows remote attackers to execute arbitrary code via "rname" and "email" parameter fields
CVE-2024-40480 2 Jayesh, Kashipara 2 Online Exam System, Online Exam System 2024-08-22 9.8 Critical
A Broken Access Control vulnerability was found in /admin/update.php and /admin/dashboard.php in Kashipara Online Exam System v1.0, which allows remote unauthenticated attackers to view administrator dashboard and delete valid user accounts via the direct URL access.