Daiki Sueyoshi

#8019of 53,638
34.3Total CVSS
Vulnerabilities · 5
Medium
3
High
2
PT-2022-13016
8.8
2022-01-17
Unknown · Quiz/Survey Master · CVE-2022-0180
**Name of the Vulnerable Software and Affected Versions** Quiz And Survey Master versions prior to 7.3.7 **Description** A cross-site request forgery (CSRF) issue allows a remote attacker to hijack the authentication of administrators and conduct arbitrary operations via a specially crafted web page. **Recommendations** For versions prior to 7.3.7, update to version 7.3.7 or later to resolve the issue.
PT-2022-13017
6.1
2022-01-17
Unknown · Quiz/Survey Master · CVE-2022-0181
**Name of the Vulnerable Software and Affected Versions** Quiz And Survey Master versions prior to 7.3.7 **Description** A reflected cross-site scripting issue allows a remote attacker to inject an arbitrary script via unspecified vectors. This enables the attacker to potentially execute malicious code on the victim's browser. **Recommendations** For versions prior to 7.3.7, update to version 7.3.7 or later to resolve the issue. As a temporary workaround, consider restricting user input to minimize the risk of exploitation. Avoid using unspecified vectors that may be vulnerable to script injection until the issue is resolved.
PT-2019-9238
6.1
2019-01-09
Thimpress · Learnpress · CVE-2018-16173
**Name of the Vulnerable Software and Affected Versions** LearnPress versions prior to 3.1.0 **Description** A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. **Recommendations** For versions prior to 3.1.0, update to version 3.1.0 or later to resolve the issue.
PT-2019-9239
6.1
2019-01-09
Thimpress · Learnpress · CVE-2018-16174
**Name of the Vulnerable Software and Affected Versions** LearnPress versions prior to 3.1.0 **Description** The issue allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks. **Recommendations** For versions prior to 3.1.0, update to version 3.1.0 or later to resolve the issue.
PT-2019-9240
7.2
2019-01-09
Thimpress · Learnpress · CVE-2018-16175
**Name of the Vulnerable Software and Affected Versions** LearnPress versions prior to 3.1.0 **Description** A SQL injection issue allows an attacker with administrator rights to execute arbitrary SQL commands. The estimated number of potentially affected devices and details about real-world incidents are not specified. **Recommendations** For versions prior to 3.1.0, update to version 3.1.0 or later to resolve the issue.