CNNVD-202601-4974 Information

CNNVD ID

CNNVD-202601-4974

Related CVE

CVE-2020-37057

• CNNVD Published: 2026-01-30

Description (Chinese)

Online-Exam-System-是Sunny Prakash Tiwari个人开发者的一个在线考试系统。 Online-Exam-System- 2015版本存在SQL注入漏洞，该漏洞源于反馈模块中参数fid存在SQL注入，可能导致攻击者操纵数据库查询。

Description (English)

Online-Exam-System is an online examination system for Sunny Prakash Tiwari personal developers. The Online-Exam-System-2015 version has an injection loophole in SQL, which stems from the fact that the parameter in the feedback module is fed by SQL, which may lead to the assailant manipulating the database search.

Hazard Level

Medium

Vulnerability Type

SQL注入

Affected Vendor

个人开发者

Published

2026-01-30

Last Modified

2026-02-24

References

https://github.com/sunnygkp10/Online-Exam-System-.git https://www.exploit-db.com/exploits/48529 https://www.vulncheck.com/advisories/online-exam-system-fid-sql-injection