Lucene search
K

174 matches found

Cvelist
Cvelist
added 2020/09/15 9:8 p.m.18 views

CVE-2020-23828

A File Upload vulnerability in SourceCodester Online Course Registration v1.0 allows remote attackers to achieve Remote Code Execution RCE on the hosting webserver by uploading a crafted PHP web-shell that bypasses the image upload filters. An attack uses...

9.7AI score0.04105EPSS
Exploits1References2
CVE
CVE
added 2020/09/15 9:8 p.m.87 views

CVE-2020-23828

The CVE-2020-23828 entry concerns SourceCodester Online Course Registration v1.0. A File Upload vulnerability allows remote attackers to achieve Remote Code Execution by uploading a crafted PHP web-shell that bypasses image-upload filters, exploiting the /Online%20Course%20Registration/my-profile...

9.8CVSS9.6AI score0.04105EPSS
Exploits1References2Affected Software1
CNVD
CNVD
added 2020/08/11 12:0 a.m.4 views

Moodle Permission License and Access Control Issues Vulnerability

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A privilege permission and access control issue vulnerability exists in Moodle, which stems from the program not performing proper...

8.8CVSS7AI score0.16425EPSS
Exploits8References1
Packet Storm
Packet Storm
added 2020/07/16 12:0 a.m.353 views

Online Course Registration 1.0 Remote Code Execution

Exploit Title: Online Course Registration 1.0 - Unauthenticated Remote Code Execution Exploit Author: Bobby Cooke Credit to BKpatron for similar Auth Bypass on admin page - exploit-db.com/exploits/48559 Date: 2020-07-15 Vendor Homepage: Vendor Homepage:...

0.2AI score
Exploits0
0daydb
0daydb
added 2020/06/07 12:50 p.m.96 views

Online Course Registration 1.0 - SQL Injection

Online Course Registration version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. Exploit Title: Online Course Registration 1.0 - Authentication Bypass Google Dork: N/A Date: 2020-06-05 Exploit Author: BKpatron Vendor Homepage:...

8.7AI score
Exploits0
Packet Storm
Packet Storm
added 2020/06/05 12:0 a.m.316 views

Online Course Registration 1.0 SQL Injection

Exploit Title: Online Course Registration 1.0 - Authentication Bypass Google Dork: N/A Date: 2020-06-05 Exploit Author: BKpatron Vendor Homepage: https://www.sourcecodester.com/php/14251/online-course-registration.html Software Link:...

7.4AI score
Exploits0
CNVD
CNVD
added 2020/04/29 12:0 a.m.3 views

Online Course Registration SQL Injection Vulnerability

Online Course Registration is a PHP and MySQL based online course registration system from the PHPGurukul team. A SQL injection vulnerability exists in the login page of Online Course Registration version 2.0. An attacker can exploit this vulnerability to bypass authentication. Login pages includ...

9.8CVSS8AI score0.02447EPSS
Exploits1
NVD
NVD
added 2020/04/28 8:15 p.m.20 views

CVE-2020-12429

Online Course Registration 2.0 has multiple SQL injections that would can lead to a complete database compromise and authentication bypass in the login pages: admin/change-password.php, admin/checkavailability.php, admin/index.php, change-password.php, checkavailability.php, includes/header.php,...

9.8CVSS9.8AI score0.02447EPSS
Exploits1References1
OSV
OSV
added 2020/04/28 8:15 p.m.5 views

CVE-2020-12429

Online Course Registration 2.0 has multiple SQL injections that would can lead to a complete database compromise and authentication bypass in the login pages: admin/change-password.php, admin/checkavailability.php, admin/index.php, change-password.php, checkavailability.php, includes/header.php,...

9.8CVSS7.3AI score0.02447EPSS
Exploits1References1
CVE
CVE
added 2020/04/28 7:2 p.m.73 views

CVE-2020-12429

Online Course Registration 2.0 is affected by multiple SQL injection vulnerabilities that can lead to complete database compromise and authentication bypass on login pages such as admin/change-password.php, admin/check_availability.php, admin/index.php, change-password.php, check_availability.php...

9.8CVSS9.7AI score0.02447EPSS
Exploits1References1Affected Software1
0day.today
0day.today
added 2020/04/27 12:0 a.m.34 views

Online Course Registration 2.0 - Authentication Bypass Vulnerability

Exploit for php platform in category web applications Exploit Title: Online Course Registration 2.0 - Authentication Bypass Exploit Author: Daniel Monzón stark0de Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/online-course-registration-free-download/ Version: 2.0...

7.4AI score
Exploits0
Hacker One
Hacker One
added 2020/01/26 6:35 p.m.152 views

Semrush: IDOR in semrush academy

INTRODUCTION I used two accounts to search for this vulnerability: - id: 5410425 email: ████[email protected] - id: 5407773 email: ████@anosimple.com IP used: ███ Endpoint URL: https://www.semrush.com/academy/courses/userEnroll EXPLOITATION Description of Security Issue: When a user clicks on the...

6.5AI score
Exploits0
Packet Storm
Packet Storm
added 2020/01/02 12:0 a.m.117 views

Online Course Registration 2.0 Remote Code Execution

Exploit Title: Online Course Registration 2.0 - Remote Code Execution Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/online-course-registration-free-download/ Version: v2.0 Category: Webapps Tested on: Xampp for Windows...

0.4AI score
Exploits0
OpenVAS
OpenVAS
added 2011/02/23 12:0 a.m.17 views

Course MS <= 2.1 Multiple Vulnerabilities - Active Check

Course Registration Management System is prone to multiple input validation vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.3AI score
Exploits0References1
Rows per page
Query Builder