CVE-2020-29205
Summary
| CVE | CVE-2020-29205 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-05-17 19:15:00 UTC |
| Updated | 2021-05-24 15:02:00 UTC |
| Description | XSS in signup form in Project Worlds Online Examination System 1.0 allows remote attacker to inject arbitrary code via the name field |
Risk And Classification
Problem Types: CWE-79
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Projectworlds | Travel Management System | 1.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| GitHub - projectworldsofficial/online-examination-systen-in-php: Online Examination System Today Online Examination System has become a fast growing examination method because of its speed and accuracy. It is also needed less manpower to execute the examination. Almost all organizations now-a-days, are conducting their objective exams by online examination system, it saves students time in examinations. Organizations can also easily check the performance of the student that they give in an examination. As a | MISC | github.com | |
| Online Examination System 1.0 - 'name' Stored Cross Site Scripting - PHP webapps Exploit | MISC | www.exploit-db.com | |
| CVE-2020–29205. #Exploit Title … | by Nikhil kumar | May, 2021 | Medium | MISC | nikhilkumar01.medium.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.