CVE-2023-45114

Name of the Vulnerable Software and Affected Versions Online Examination System version 1.0

Description The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. Specifically, the subject parameter of the "feed.php" resource does not validate the characters received, sending them unfiltered to the database. This allows for potential exploitation.

Recommendations For Online Examination System version 1.0, as a temporary workaround, consider validating and filtering the subject parameter in the feed.php resource to prevent SQL injection attacks. Restrict access to the feed.php resource until a proper fix is applied. At the moment, there is no information about a newer version that contains a fix for this vulnerability.