ciph0x01/Simple-Exam-Reviewer-Management-System-CVE

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-42197 ↗	Oct 20, 2022Thursday, 20 October 2022, 13:15	6.5 MEDIUM	—
In Simple Exam Reviewer Management System v1.0 the User List function has improper access control that allows low privileged users to modify user permissions to higher privileges.
CVE-2022-42198 ↗	Oct 20, 2022Thursday, 20 October 2022, 13:15	8.8 HIGH	—
In Simple Exam Reviewer Management System v1.0 the User List function suffers from insecure file upload.
CVE-2022-42199 ↗	Oct 20, 2022Thursday, 20 October 2022, 13:15	8.8 HIGH	—
Simple Exam Reviewer Management System v1.0 is vulnerable to Cross Site Request Forgery (CSRF) via the Exam List.
CVE-2022-42200 ↗	Oct 20, 2022Thursday, 20 October 2022, 13:15	5.4 MEDIUM	—
Simple Exam Reviewer Management System v1.0 is vulnerable to Stored Cross Site Scripting (XSS) via the Exam List.
CVE-2022-42201 ↗	Oct 20, 2022Thursday, 20 October 2022, 13:15	7.2 HIGH	—
Simple Exam Reviewer Management System v1.0 is vulnerable to Insecure file upload.