Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

Testa

Source -

CNA

BOS Name -

N/A

CNA CVEs -

2

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated ProductsRelated AssignersReports
2Vulnerabilities found
CVE-2021-47902
Assigner-VulnCheck
ShareView Details
Assigner-VulnCheck
CVSS Score-8.8||HIGH
EPSS-0.04% / 13.23%
||
7 Day CHG~0.00%
Published-27 Jan, 2026 | 15:23
Updated-29 Jan, 2026 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Testa Online Test Management System 3.4.7 - 'q' SQL Injection

Testa Online Test Management System 3.4.7 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'q' search parameter. Attackers can inject malicious SQL code in the search field to extract database information, potentially accessing sensitive user or system data.

Action-Not Available
Vendor-Testa
Product-Testa Online Test Management System
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2022-50896
Assigner-VulnCheck
ShareView Details
Assigner-VulnCheck
CVSS Score-5.1||MEDIUM
EPSS-0.03% / 8.59%
||
7 Day CHG~0.00%
Published-13 Jan, 2026 | 22:56
Updated-14 Jan, 2026 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Testa 3.5.1 Online Test Management System - Reflected Cross-Site Scripting (XSS)

Testa 3.5.1 contains a reflected cross-site scripting vulnerability in the login.php redirect parameter that allows attackers to inject malicious scripts. Attackers can craft a specially encoded payload in the redirect parameter to execute arbitrary JavaScript in victim's browser context.

Action-Not Available
Vendor-Testa
Product-Testa
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')