Lucene search

K

Sermon'e – Sermons Online Security Vulnerabilities

cvelist
cvelist

CVE-2024-4279 Tutor LMS – eLearning and online course solution <= 2.7.0 - Authenticated (Instructor+) Insecure Direct Object Reference to Arbitrary Course Deletion

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object Reference to Arbitrary Course Deletion in versions up to, and including, 2.7.0 via the 'tutor_course_delete' function due to missing validation on a user controlled key. This can allow....

6.5CVSS

6.8AI Score

0.001EPSS

2024-05-16 05:33 AM
vulnrichment
vulnrichment

CVE-2024-4279 Tutor LMS – eLearning and online course solution <= 2.7.0 - Authenticated (Instructor+) Insecure Direct Object Reference to Arbitrary Course Deletion

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object Reference to Arbitrary Course Deletion in versions up to, and including, 2.7.0 via the 'tutor_course_delete' function due to missing validation on a user controlled key. This can allow....

6.5CVSS

6.7AI Score

0.001EPSS

2024-05-16 05:33 AM
cvelist
cvelist

CVE-2024-4946 SourceCodester Online Art Gallery Management System adminHome.php unrestricted upload

A vulnerability was found in SourceCodester Online Art Gallery Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file admin/adminHome.php. The manipulation of the argument sliderpic leads to unrestricted upload. The attack...

6.3CVSS

6.7AI Score

0.0004EPSS

2024-05-16 05:31 AM
1
vulnrichment
vulnrichment

CVE-2024-4946 SourceCodester Online Art Gallery Management System adminHome.php unrestricted upload

A vulnerability was found in SourceCodester Online Art Gallery Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file admin/adminHome.php. The manipulation of the argument sliderpic leads to unrestricted upload. The attack...

6.3CVSS

6.9AI Score

0.0004EPSS

2024-05-16 05:31 AM
cve
cve

CVE-2024-4931

A vulnerability, which was classified as critical, has been found in SourceCodester Simple Online Bidding System 1.0. This issue affects some unknown processing of the file /simple-online-bidding-system/admin/index.php?page=view_udet. The manipulation of the argument id leads to sql injection. The....

6.3CVSS

7.3AI Score

0.0004EPSS

2024-05-16 05:15 AM
24
cve
cve

CVE-2024-4932

A vulnerability, which was classified as critical, was found in SourceCodester Simple Online Bidding System 1.0. Affected is an unknown function of the file /simple-online-bidding-system/admin/index.php?page=manage_user. The manipulation of the argument id leads to sql injection. It is possible to....

6.3CVSS

7.3AI Score

0.0004EPSS

2024-05-16 05:15 AM
23
cve
cve

CVE-2024-4933

A vulnerability has been found in SourceCodester Simple Online Bidding System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /simple-online-bidding-system/admin/index.php?page=manage_product. The manipulation of the argument id leads to sql...

6.3CVSS

7.3AI Score

0.0004EPSS

2024-05-16 05:15 AM
23
nvd
nvd

CVE-2024-4931

A vulnerability, which was classified as critical, has been found in SourceCodester Simple Online Bidding System 1.0. This issue affects some unknown processing of the file /simple-online-bidding-system/admin/index.php?page=view_udet. The manipulation of the argument id leads to sql injection. The....

6.3CVSS

6.8AI Score

0.0004EPSS

2024-05-16 05:15 AM
nvd
nvd

CVE-2024-4933

A vulnerability has been found in SourceCodester Simple Online Bidding System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /simple-online-bidding-system/admin/index.php?page=manage_product. The manipulation of the argument id leads to sql...

6.3CVSS

6.8AI Score

0.0004EPSS

2024-05-16 05:15 AM
nvd
nvd

CVE-2024-4932

A vulnerability, which was classified as critical, was found in SourceCodester Simple Online Bidding System 1.0. Affected is an unknown function of the file /simple-online-bidding-system/admin/index.php?page=manage_user. The manipulation of the argument id leads to sql injection. It is possible to....

6.3CVSS

6.8AI Score

0.0004EPSS

2024-05-16 05:15 AM
cvelist
cvelist

CVE-2024-4933 SourceCodester Simple Online Bidding System sql injection

A vulnerability has been found in SourceCodester Simple Online Bidding System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /simple-online-bidding-system/admin/index.php?page=manage_product. The manipulation of the argument id leads to sql...

6.3CVSS

7.1AI Score

0.0004EPSS

2024-05-16 05:00 AM
vulnrichment
vulnrichment

CVE-2024-4933 SourceCodester Simple Online Bidding System sql injection

A vulnerability has been found in SourceCodester Simple Online Bidding System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /simple-online-bidding-system/admin/index.php?page=manage_product. The manipulation of the argument id leads to sql...

6.3CVSS

7.4AI Score

0.0004EPSS

2024-05-16 05:00 AM
cvelist
cvelist

CVE-2024-4932 SourceCodester Simple Online Bidding System sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Simple Online Bidding System 1.0. Affected is an unknown function of the file /simple-online-bidding-system/admin/index.php?page=manage_user. The manipulation of the argument id leads to sql injection. It is possible to....

6.3CVSS

7.1AI Score

0.0004EPSS

2024-05-16 04:31 AM
cvelist
cvelist

CVE-2024-4931 SourceCodester Simple Online Bidding System sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Simple Online Bidding System 1.0. This issue affects some unknown processing of the file /simple-online-bidding-system/admin/index.php?page=view_udet. The manipulation of the argument id leads to sql injection. The....

6.3CVSS

7.1AI Score

0.0004EPSS

2024-05-16 04:31 AM
vulnrichment
vulnrichment

CVE-2024-4931 SourceCodester Simple Online Bidding System sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Simple Online Bidding System 1.0. This issue affects some unknown processing of the file /simple-online-bidding-system/admin/index.php?page=view_udet. The manipulation of the argument id leads to sql injection. The....

6.3CVSS

7.4AI Score

0.0004EPSS

2024-05-16 04:31 AM
nvd
nvd

CVE-2024-4930

A vulnerability classified as critical was found in SourceCodester Simple Online Bidding System 1.0. This vulnerability affects unknown code of the file /simple-online-bidding-system/index.php?page=view_prod. The manipulation of the argument id leads to sql injection. The attack can be initiated...

6.3CVSS

6.9AI Score

0.0004EPSS

2024-05-16 04:15 AM
cve
cve

CVE-2024-4930

A vulnerability classified as critical was found in SourceCodester Simple Online Bidding System 1.0. This vulnerability affects unknown code of the file /simple-online-bidding-system/index.php?page=view_prod. The manipulation of the argument id leads to sql injection. The attack can be initiated...

6.3CVSS

7.5AI Score

0.0004EPSS

2024-05-16 04:15 AM
23
cve
cve

CVE-2024-4929

A vulnerability classified as problematic has been found in SourceCodester Simple Online Bidding System 1.0. This affects an unknown part of the file /simple-online-bidding-system/admin/ajax.php?action=save_user. The manipulation leads to cross-site request forgery. It is possible to initiate the.....

4.3CVSS

6.7AI Score

0.0004EPSS

2024-05-16 04:15 AM
24
nvd
nvd

CVE-2024-4929

A vulnerability classified as problematic has been found in SourceCodester Simple Online Bidding System 1.0. This affects an unknown part of the file /simple-online-bidding-system/admin/ajax.php?action=save_user. The manipulation leads to cross-site request forgery. It is possible to initiate the.....

4.3CVSS

4.6AI Score

0.0004EPSS

2024-05-16 04:15 AM
cvelist
cvelist

CVE-2024-4930 SourceCodester Simple Online Bidding System sql injection

A vulnerability classified as critical was found in SourceCodester Simple Online Bidding System 1.0. This vulnerability affects unknown code of the file /simple-online-bidding-system/index.php?page=view_prod. The manipulation of the argument id leads to sql injection. The attack can be initiated...

6.3CVSS

7.2AI Score

0.0004EPSS

2024-05-16 04:00 AM
vulnrichment
vulnrichment

CVE-2024-4930 SourceCodester Simple Online Bidding System sql injection

A vulnerability classified as critical was found in SourceCodester Simple Online Bidding System 1.0. This vulnerability affects unknown code of the file /simple-online-bidding-system/index.php?page=view_prod. The manipulation of the argument id leads to sql injection. The attack can be initiated...

6.3CVSS

7.5AI Score

0.0004EPSS

2024-05-16 04:00 AM
cvelist
cvelist

CVE-2024-4929 SourceCodester Simple Online Bidding System cross-site request forgery

A vulnerability classified as problematic has been found in SourceCodester Simple Online Bidding System 1.0. This affects an unknown part of the file /simple-online-bidding-system/admin/ajax.php?action=save_user. The manipulation leads to cross-site request forgery. It is possible to initiate the.....

4.3CVSS

5AI Score

0.0004EPSS

2024-05-16 03:31 AM
vulnrichment
vulnrichment

CVE-2024-4929 SourceCodester Simple Online Bidding System cross-site request forgery

A vulnerability classified as problematic has been found in SourceCodester Simple Online Bidding System 1.0. This affects an unknown part of the file /simple-online-bidding-system/admin/ajax.php?action=save_user. The manipulation leads to cross-site request forgery. It is possible to initiate the.....

4.3CVSS

6.8AI Score

0.0004EPSS

2024-05-16 03:31 AM
cve
cve

CVE-2024-4927

A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /simple-online-bidding-system/admin/ajax.php?action=save_product. The manipulation leads to unrestricted upload....

7.3CVSS

6.8AI Score

0.0004EPSS

2024-05-16 03:15 AM
24
nvd
nvd

CVE-2024-4927

A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /simple-online-bidding-system/admin/ajax.php?action=save_product. The manipulation leads to unrestricted upload....

7.3CVSS

6.5AI Score

0.0004EPSS

2024-05-16 03:15 AM
1
cve
cve

CVE-2024-4928

A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /simple-online-bidding-system/admin/ajax.php?action=delete_category. The manipulation of the argument id leads to sql...

6.3CVSS

7.3AI Score

0.0004EPSS

2024-05-16 03:15 AM
23
nvd
nvd

CVE-2024-4928

A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /simple-online-bidding-system/admin/ajax.php?action=delete_category. The manipulation of the argument id leads to sql...

6.3CVSS

6.8AI Score

0.0004EPSS

2024-05-16 03:15 AM
cvelist
cvelist

CVE-2024-4928 SourceCodester Simple Online Bidding System sql injection

A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /simple-online-bidding-system/admin/ajax.php?action=delete_category. The manipulation of the argument id leads to sql...

6.3CVSS

7AI Score

0.0004EPSS

2024-05-16 03:00 AM
vulnrichment
vulnrichment

CVE-2024-4928 SourceCodester Simple Online Bidding System sql injection

A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /simple-online-bidding-system/admin/ajax.php?action=delete_category. The manipulation of the argument id leads to sql...

6.3CVSS

7.3AI Score

0.0004EPSS

2024-05-16 03:00 AM
vulnrichment
vulnrichment

CVE-2024-4927 SourceCodester Simple Online Bidding System unrestricted upload

A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /simple-online-bidding-system/admin/ajax.php?action=save_product. The manipulation leads to unrestricted upload....

7.3CVSS

6.9AI Score

0.0004EPSS

2024-05-16 02:31 AM
cvelist
cvelist

CVE-2024-4927 SourceCodester Simple Online Bidding System unrestricted upload

A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /simple-online-bidding-system/admin/ajax.php?action=save_product. The manipulation leads to unrestricted upload....

7.3CVSS

6.7AI Score

0.0004EPSS

2024-05-16 02:31 AM
nvd
nvd

CVE-2024-4920

A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0. It has been rated as critical. This issue affects some unknown processing of the file registerH.php. The manipulation of the argument ima leads to unrestricted upload. The attack may be initiated remotely. The exploit...

7.3CVSS

7.3AI Score

0.0004EPSS

2024-05-16 12:15 AM
cve
cve

CVE-2024-4919

A vulnerability was found in Campcodes Online Examination System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /adminpanel/admin/query/addCourseExe.php. The manipulation of the argument course_name leads to sql injection. The attack can be initiated...

6.3CVSS

7.5AI Score

0.0004EPSS

2024-05-16 12:15 AM
19
nvd
nvd

CVE-2024-4919

A vulnerability was found in Campcodes Online Examination System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /adminpanel/admin/query/addCourseExe.php. The manipulation of the argument course_name leads to sql injection. The attack can be initiated...

6.3CVSS

6.8AI Score

0.0004EPSS

2024-05-16 12:15 AM
2
cve
cve

CVE-2024-4920

A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0. It has been rated as critical. This issue affects some unknown processing of the file registerH.php. The manipulation of the argument ima leads to unrestricted upload. The attack may be initiated remotely. The exploit...

7.3CVSS

6.8AI Score

0.0004EPSS

2024-05-16 12:15 AM
4
cvelist
cvelist

CVE-2024-4920 SourceCodester Online Discussion Forum Site registerH.php unrestricted upload

A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0. It has been rated as critical. This issue affects some unknown processing of the file registerH.php. The manipulation of the argument ima leads to unrestricted upload. The attack may be initiated remotely. The exploit...

7.3CVSS

7.5AI Score

0.0004EPSS

2024-05-16 12:00 AM
cvelist
cvelist

CVE-2024-4919 Campcodes Online Examination System addCourseExe.php sql injection

A vulnerability was found in Campcodes Online Examination System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /adminpanel/admin/query/addCourseExe.php. The manipulation of the argument course_name leads to sql injection. The attack can be initiated...

6.3CVSS

7.1AI Score

0.0004EPSS

2024-05-15 11:31 PM
vulnrichment
vulnrichment

CVE-2024-4919 Campcodes Online Examination System addCourseExe.php sql injection

A vulnerability was found in Campcodes Online Examination System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /adminpanel/admin/query/addCourseExe.php. The manipulation of the argument course_name leads to sql injection. The attack can be initiated...

6.3CVSS

7.5AI Score

0.0004EPSS

2024-05-15 11:31 PM
nvd
nvd

CVE-2024-4918

A vulnerability was found in Campcodes Online Examination System 1.0. It has been classified as critical. This affects an unknown part of the file updateQuestion.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

6.3CVSS

6.8AI Score

0.0004EPSS

2024-05-15 11:15 PM
cve
cve

CVE-2024-4918

A vulnerability was found in Campcodes Online Examination System 1.0. It has been classified as critical. This affects an unknown part of the file updateQuestion.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

6.3CVSS

7.3AI Score

0.0004EPSS

2024-05-15 11:15 PM
19
cve
cve

CVE-2024-4917

A vulnerability was found in Campcodes Online Examination System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file submitAnswerExe.php. The manipulation of the argument exmne_id leads to sql injection. The attack may be launched remotely. The exploit.....

6.3CVSS

7.3AI Score

0.0004EPSS

2024-05-15 11:15 PM
20
cve
cve

CVE-2024-4916

A vulnerability has been found in Campcodes Online Examination System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file selExamAttemptExe.php. The manipulation of the argument thisId leads to sql injection. The attack can be launched remotely....

6.3CVSS

7.3AI Score

0.0004EPSS

2024-05-15 11:15 PM
19
nvd
nvd

CVE-2024-4917

A vulnerability was found in Campcodes Online Examination System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file submitAnswerExe.php. The manipulation of the argument exmne_id leads to sql injection. The attack may be launched remotely. The exploit.....

6.3CVSS

6.8AI Score

0.0004EPSS

2024-05-15 11:15 PM
nvd
nvd

CVE-2024-4916

A vulnerability has been found in Campcodes Online Examination System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file selExamAttemptExe.php. The manipulation of the argument thisId leads to sql injection. The attack can be launched remotely....

6.3CVSS

6.8AI Score

0.0004EPSS

2024-05-15 11:15 PM
cvelist
cvelist

CVE-2024-4918 Campcodes Online Examination System updateQuestion.php sql injection

A vulnerability was found in Campcodes Online Examination System 1.0. It has been classified as critical. This affects an unknown part of the file updateQuestion.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

6.3CVSS

7AI Score

0.0004EPSS

2024-05-15 11:00 PM
vulnrichment
vulnrichment

CVE-2024-4917 Campcodes Online Examination System submitAnswerExe.php sql injection

A vulnerability was found in Campcodes Online Examination System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file submitAnswerExe.php. The manipulation of the argument exmne_id leads to sql injection. The attack may be launched remotely. The exploit.....

6.3CVSS

7.3AI Score

0.0004EPSS

2024-05-15 11:00 PM
cvelist
cvelist

CVE-2024-4917 Campcodes Online Examination System submitAnswerExe.php sql injection

A vulnerability was found in Campcodes Online Examination System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file submitAnswerExe.php. The manipulation of the argument exmne_id leads to sql injection. The attack may be launched remotely. The exploit.....

6.3CVSS

7AI Score

0.0004EPSS

2024-05-15 11:00 PM
cvelist
cvelist

CVE-2024-4916 Campcodes Online Examination System selExamAttemptExe.php sql injection

A vulnerability has been found in Campcodes Online Examination System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file selExamAttemptExe.php. The manipulation of the argument thisId leads to sql injection. The attack can be launched remotely....

6.3CVSS

7.1AI Score

0.0004EPSS

2024-05-15 10:31 PM
vulnrichment
vulnrichment

CVE-2024-4916 Campcodes Online Examination System selExamAttemptExe.php sql injection

A vulnerability has been found in Campcodes Online Examination System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file selExamAttemptExe.php. The manipulation of the argument thisId leads to sql injection. The attack can be launched remotely....

6.3CVSS

7.4AI Score

0.0004EPSS

2024-05-15 10:31 PM
cve
cve

CVE-2024-4914

A vulnerability, which was classified as critical, has been found in Campcodes Online Examination System 1.0. This issue affects some unknown processing of the file ranking-exam.php. The manipulation of the argument exam_id leads to sql injection. The attack may be initiated remotely. The exploit.....

6.3CVSS

7.3AI Score

0.0004EPSS

2024-05-15 10:15 PM
19
Total number of security vulnerabilities42683