crazychen123

2 exploits Active since Feb 2023
CVE-2023-25431 WRITEUP MEDIUM WRITEUP
Online Reviewer Management System 1.0 - Stored Cross-Site Scripting via course-update.php
An issue was discovered in Online Reviewer Management System v1.0. There is a XSS vulnerability via reviewer_0/admins/assessments/course/course-update.php.
CVSS 4.8
CVE-2023-25432 WRITEUP HIGH WRITEUP
Online Reviewer Management System 1.0 - SQL Injection via course-update.php
An issue was discovered in Online Reviewer Management System v1.0. There is a SQL injection that can directly issue instructions to the background database system via reviewer_0/admins/assessments/course/course-update.php.
CVSS 7.2