23 matches found
EUVD-2020-30983
GUnet OpenEclass 1.7.3 contains multiple SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries through unvalidated parameters. Attackers can exploit the 'month' parameter in the agenda module and other endpoints to extract sensitive database information...
CVE-2020-37112
CVE-2020-37112 affects GUnet OpenEclass 1.7.3. The provided documents describe multiple SQL injection vulnerabilities in the agenda module and other endpoints, exploitable by authenticated attackers to manipulate queries and extract sensitive data via error-based or time-based techniques (via the...
CVE-2020-37112
GUnet OpenEclass 1.7.3 contains multiple SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries through unvalidated parameters. Attackers can exploit the 'month' parameter in the agenda module and other endpoints to extract sensitive database information...
CVE-2020-37112 GUnet OpenEclass 1.7.3 E-learning platform - 'month' SQL Injection
GUnet OpenEclass 1.7.3 contains multiple SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries through unvalidated parameters. Attackers can exploit the 'month' parameter in the agenda module and other endpoints to extract sensitive database information...
GUnet OpenEclass SQL注入漏洞
GUnet OpenEclass is a learning management system developed by the Greek company GUnet. Version 1.7.3 of GUnet OpenEclass contains a SQL injection vulnerability. This vulnerability stems from multiple SQL injection points in the agenda module and other endpoints, which could allow authenticated...
PT-2026-5857
Name of the Vulnerable Software and Affected Versions GUnet OpenEclass version 1.7.3 Description The software contains multiple SQL injection flaws. Authenticated attackers can manipulate database queries through unvalidated parameters. Attackers can exploit the month parameter in the agenda modu...
PT-2025-47475
Name of the Vulnerable Software and Affected Versions i-Educar versions prior to 2.10.0 Description i-Educar is school management software with a flaw that allows an authenticated attacker to execute arbitrary SQL commands against the application's database. This is due to a time-based SQL...
EUVD-2025-25886
Malicious code in bioql PyPI...
EUVD-2025-21989
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-55227
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cross-site scripting XSS vulnerability in the Events/Agenda module of Dolibarr v21.0.0-beta allows attackers to execute arbitrary web scripts or HTMl via a...
CVE-2025-9531
A vulnerability was detected in Portabilis i-Educar up to 2.10. This affects an unknown function of the file /intranet/agenda.php of the component Agenda Module. Performing manipulation of the argument codagenda results in sql injection. It is possible to initiate the attack remotely. The exploit...
CVE-2025-9531
A vulnerability was detected in Portabilis i-Educar up to 2.10. This affects an unknown function of the file /intranet/agenda.php of the component Agenda Module. Performing manipulation of the argument codagenda results in sql injection. It is possible to initiate the attack remotely. The exploit...
CVE-2025-9531
A vulnerability was detected in Portabilis i-Educar up to 2.10. This affects an unknown function of the file /intranet/agenda.php of the component Agenda Module. Performing manipulation of the argument codagenda results in sql injection. It is possible to initiate the attack remotely. The exploit...
CVE-2025-9531
CVE-2025-9531 affects Portabilis i-Educar up to version 2.10, specifically the Agenda Module via the file /intranet/agenda.php. The vulnerability is an SQL injection triggered by manipulating the cod_agenda argument, with remote exploitability and a publicly available exploit. Several sources cor...
CVE-2025-9531 Portabilis i-Educar Agenda agenda.php sql injection
A vulnerability was detected in Portabilis i-Educar up to 2.10. This affects an unknown function of the file /intranet/agenda.php of the component Agenda Module. Performing manipulation of the argument codagenda results in sql injection. It is possible to initiate the attack remotely. The exploit...
CVE-2025-9531 Portabilis i-Educar Agenda agenda.php sql injection
A vulnerability was detected in Portabilis i-Educar up to 2.10. This affects an unknown function of the file /intranet/agenda.php of the component Agenda Module. Performing manipulation of the argument codagenda results in sql injection. It is possible to initiate the attack remotely. The exploit...
PT-2025-34866 · Portabilis · Portabilis I-Educar
Name of the Vulnerable Software and Affected Versions: Portabilis i-Educar versions up to 2.10 Description: A SQL injection issue exists in the Agenda Module of Portabilis i-Educar. The issue is located in the /intranet/agenda.php file, affecting an unknown function. Manipulation of the cod agend...
CVE-2025-7867
A vulnerability has been found in Portabilis i-Educar 2.9.0/2.10.0. This vulnerability affects unknown code of the file /intranet/agenda.php of the component Agenda Module. The manipulation of the argument novotitulo/novodescricao leads to cross site scripting. It is possible to initiate the atta...
CVE-2025-7867 Portabilis i-Educar Agenda agenda.php cross site scripting
A vulnerability has been found in Portabilis i-Educar 2.9.0/2.10.0. This vulnerability affects unknown code of the file /intranet/agenda.php of the component Agenda Module. The manipulation of the argument novotitulo/novodescricao leads to cross site scripting. It is possible to initiate the atta...
CVE-2025-7867
CVE-2025-7867 affects Portabilis i-Educar 2.9.0/2.10.0, specifically the Agenda Module’s file /intranet/agenda.php. The vulnerability arises from manipulating the parameters novo_titulo and novo_descricao, leading to cross-site scripting. Attacks can be initiated remotely, and the exploit has bee...