Lucene search
K

406 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.5 views

CVE-2026-4238

A vulnerability has been found in itsourcecode College Management System 1.0. This issue affects some unknown processing of the file /admin/courses.php. The manipulation of the argument coursecode leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclos...

5.8CVSS5.8AI score0.00202EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:10 p.m.4 views

CVE-2026-1870

The Thim Kit for Elementor – Pre-built Templates & Widgets for Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing validation checks on the 'thim-ekit/archive-course/get-courses' REST endpoint callback function in all versions up to, and including, 1.3.7...

5.3CVSS5.8AI score0.00262EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/25 6:31 p.m.7 views

EUVD-2026-15815

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hookandhook WP Courses LMS wp-courses allows DOM-Based XSS.This issue affects WP Courses LMS: from n/a through = 3.2.26...

6.5CVSS5.8AI score0.00156EPSS
Exploits0References2
NVD
NVD
added 2026/03/25 5:16 p.m.4 views

CVE-2026-31914

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hookandhook WP Courses LMS wp-courses allows DOM-Based XSS.This issue affects WP Courses LMS: from n/a through = 3.2.26...

6.5CVSS0.00156EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 4:14 p.m.24 views

CVE-2026-31914 WordPress WP Courses LMS plugin <= 3.2.26 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hookandhook WP Courses LMS wp-courses allows DOM-Based XSS.This issue affects WP Courses LMS: from n/a through = 3.2.26...

6.5CVSS0.00156EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/25 4:14 p.m.3 views

CVE-2026-31914

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hookandhook WP Courses LMS wp-courses allows DOM-Based XSS.This issue affects WP Courses LMS: from n/a through = 3.2.26...

5.8AI score0.00156EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/25 4:14 p.m.3 views

CVE-2026-31914 WordPress WP Courses LMS plugin <= 3.2.26 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hookandhook WP Courses LMS wp-courses allows DOM-Based XSS.This issue affects WP Courses LMS: from n/a through = 3.2.26...

5.8AI score0.00156EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 4:14 p.m.10 views

CVE-2026-31914

The connected PATCHSTACK entry identifies a Cross Site Scripting (XSS) vulnerability in the WordPress WP Courses LMS plugin, versions &lt;= 3.2.26. Vulnerable component: WP Courses LMS plugin; affected version range:

6.5CVSS5.8AI score0.00156EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.7 views

PT-2026-27994

Name of the Vulnerable Software and Affected Versions hookandhook WP Courses LMS wp-courses versions through 3.2.26 Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a DOM-Based Cross-Site Scripting XSS condition. This allows f...

6.5CVSS6.1AI score0.00156EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.10 views

WordPress plugin WP Courses LMS 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

6.5CVSS5.6AI score0.00156EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/03/23 2:51 p.m.4 views

WordPress WP Courses LMS plugin <= 3.2.26 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nguyen Duc Canh canhnguyen26 in WordPress Plugin WP Courses LMS versions = 3.2.26...

6.5CVSS5.8AI score0.00156EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/03/16 7:57 p.m.5 views

WordPress Thim Kit for Elementor plugin <= 1.3.7 - Missing Authorization to Unauthenticated Private Course Disclosure vulnerability

Missing Authorization to Unauthenticated Private Course Disclosure vulnerability discovered by Youssef Elouaer in WordPress Plugin Thim Elementor Kit versions = 1.3.7...

5.3CVSS5.8AI score0.00262EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/03/16 6:32 p.m.4 views

EUVD-2025-208753

An authenticated arbitrary file upload vulnerability in the Courses/Work Assignments module of gunet Open eClass v3.11, and fixed in v3.13, allows attackers to execute arbitrary code via uploading a crafted SVG file...

5.4CVSS6.2AI score0.00242EPSS
Exploits1References5
EUVD
EUVD
added 2026/03/16 3:30 p.m.7 views

EUVD-2026-12427

A vulnerability has been found in itsourcecode College Management System 1.0. This issue affects some unknown processing of the file /admin/courses.php. The manipulation of the argument coursecode leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclos...

5.8CVSS5.7AI score0.00202EPSS
Exploits0References6
EUVD
EUVD
added 2026/03/16 3:30 p.m.5 views

EUVD-2026-12184

The Thim Kit for Elementor – Pre-built Templates & Widgets for Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing validation checks on the 'thim-ekit/archive-course/get-courses' REST endpoint callback function in all versions up to, and including, 1.3.7...

5.3CVSS5.8AI score0.00262EPSS
Exploits0References3
NVD
NVD
added 2026/03/16 2:20 p.m.4 views

CVE-2026-4238

A vulnerability has been found in itsourcecode College Management System 1.0. This issue affects some unknown processing of the file /admin/courses.php. The manipulation of the argument coursecode leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclos...

5.8CVSS0.00202EPSS
Exploits0References5
NVD
NVD
added 2026/03/16 2:18 p.m.5 views

CVE-2026-1870

The Thim Kit for Elementor – Pre-built Templates & Widgets for Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing validation checks on the 'thim-ekit/archive-course/get-courses' REST endpoint callback function in all versions up to, and including, 1.3.7...

5.3CVSS0.00262EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/16 12:32 p.m.3 views

CVE-2026-4238 itsourcecode College Management System courses.php sql injection

A vulnerability has been found in itsourcecode College Management System 1.0. This issue affects some unknown processing of the file /admin/courses.php. The manipulation of the argument coursecode leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclos...

5.8CVSS5.7AI score0.00202EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/03/16 12:32 p.m.29 views

CVE-2026-4238 itsourcecode College Management System courses.php sql injection

A vulnerability has been found in itsourcecode College Management System 1.0. This issue affects some unknown processing of the file /admin/courses.php. The manipulation of the argument coursecode leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclos...

5.8CVSS0.00202EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.7 views

GUnet OpenEclass 安全漏洞

GUnet OpenEclass is a learning management system developed by the Greek company GUnet. Versions of GUnet OpenEclass prior to version 3.13 contained security vulnerabilities. These vulnerabilities stemmed from the existence of an authenticated arbitrary file upload in the Courses/Work Assignments...

5.4CVSS6.2AI score0.00242EPSS
Exploits1References4
Rows per page
Query Builder