Lucene search
K

5 matches found

NVD
NVD
added 2023/08/03 9:15 a.m.44 views

CVE-2023-4119

A vulnerability has been found in Academy LMS 6.0 and classified as problematic. This vulnerability affects unknown code of the file /academy/home/courses. The manipulation of the argument query/sortby leads to cross site scripting. The attack can be initiated remotely. VDB-235966 is the identifi...

6.1CVSS5.1AI score0.0202EPSS
Exploits3References3
Prion
Prion
added 2023/08/03 9:15 a.m.9 views

Cross site scripting

A vulnerability has been found in Academy LMS 6.0 and classified as problematic. This vulnerability affects unknown code of the file /academy/home/courses. The manipulation of the argument query/sortby leads to cross site scripting. The attack can be initiated remotely. VDB-235966 is the identifi...

5CVSS6AI score0.0202EPSS
Exploits3References3Affected Software1
CVE
CVE
added 2023/08/03 8:31 a.m.59 views

CVE-2023-4119

Academy LMS 6.0 is affected by CVE-2023-4119: an XSS vulnerability in /academy/home/courses due to manipulation of query and sort_by parameters. The issue is remote-executable in the sense of script injection and is documented with practical proof (Exploit-DB) that shows /academy/home/courses?que...

6.1CVSS5.1AI score0.0202EPSS
Exploits3References3Affected Software1
Packet Storm
Packet Storm
added 2023/08/03 12:0 a.m.387 views

Academy LMS 6.0 Cross Site Scripting

Exploit Title: Academy LMS 6.0 - Reflected XSS Exploit Author: CraCkEr Date: 22/07/2023 Vendor: Creativeitem Vendor Homepage: https://creativeitem.com/ Software Link: https://demo.creativeitem.com/academy/ Tested on: Windows 10 Pro Impact: Manipulate the content of the site CVE: CVE-2023-4119...

7.1AI score0.0202EPSS
Exploits3
Positive Technologies
Positive Technologies
added 2023/08/03 12:0 a.m.3 views

PT-2023-27852

Name of the Vulnerable Software and Affected Versions Academy LMS version 6.0 Description A vulnerability has been found in the file /academy/home/courses, where the manipulation of the query/sort by argument leads to cross-site scripting. The attack can be initiated remotely. The vendor was...

6.1CVSS4AI score0.0202EPSS
Exploits3References10
Rows per page
Query Builder