4 matches found
Forma LMS <= 3.1.0 Multiple Vulnerabilities
Forma LMS is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation...
CVE-2022-41681
creationtimestamp| type| source ---|---|--- 2022-10-31 23:13:30+00:00| seen| https://t.me/cibsecurity/52323 2025-05-06 20:21:23+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/15219...
CVE-2022-41681
Forma LMS
CVE-2022-41681 File Upload vulnerability in Forma LMS
There is a vulnerability on Forma LMS version 3.1.0 and earlier that could allow an authenticated attacker with the role of student to privilege escalate in order to upload a Zip file through the SCORM importer feature. The exploitation of this vulnerability could lead to a remote code injection...