CVE-2023-45115

Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'ch' parameter of the /update.php?q=addqns resource does not validate the characters received and they are sent unfiltered to the database. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt