20 matches found
CVE-2023-7335
EduSoho versions prior to 22.4.7 contain an arbitrary file read vulnerability in the classroom-course-statistics export functionality. A remote, unauthenticated attacker can supply crafted path traversal sequences in the fileNames parameter to read arbitrary files from the server filesystem,...
CVE-2023-7335
EduSoho’s CVE-2023-7335 affects versions prior to 22.4.7 and is a remote, unauthenticated arbitrary file-read via the classroom-course-statistics export. The vulnerability arises from path-traversal in the fileNames[] parameter, allowing reading server files such as config/parameters.yml containi...
CVE-2023-7335 EduSoho < 22.4.7 Arbitrary File Read via classroom-course-statistics
EduSoho versions prior to 22.4.7 contain an arbitrary file read vulnerability in the classroom-course-statistics export functionality. A remote, unauthenticated attacker can supply crafted path traversal sequences in the fileNames parameter to read arbitrary files from the server filesystem,...
EduSoho path traversal vulnerability
EduSoho is an open-source online school system developed by EduSoho. Versions of EduSoho prior to 22.4.7 contained a path traversal vulnerability. This vulnerability stemmed from improper handling of the fileNames parameter in the classroom-course-statistics export function, which could lead to...
VulnCheck KEV: CVE-2023-7335
EduSoho versions prior to 22.4.7 contain an arbitrary file read vulnerability in the classroom-course-statistics export functionality. A remote, unauthenticated attacker can supply crafted path traversal sequences in the fileNames parameter to read arbitrary files from the server filesystem,...
PT-2026-3957
EduSoho versions prior to 22.4.7 contain an arbitrary file read vulnerability in the classroom-course-statistics export functionality. A remote, unauthenticated attacker can supply crafted path traversal sequences in the fileNames parameter to read arbitrary files from the server filesystem,...
Unauthorized Access Vulnerability in EduSoho Enterprise Training Open Source Edition
EduSoho Enterprise Training Edition is a learning-platform product for enterprise customers, built for the purpose of enterprise talent training. It provides platform product...
Command Execution Vulnerability in EduSoho Enterprise Training Open Source Version
EduSoho Enterprise Training Edition is a learning-platform product for enterprise customers, built for the purpose of enterprise talent training. It provides platform product...
Edusoho Online Learning Platform v8.0.16 SQL Injection Vulnerability in Frontend
Edusoho Online Learning Platform is a B2C independent online school system developed by Hangzhou Kuochi Network Technology Co. A SQL injection vulnerability exists in the frontend of Edusoho Online Learning Platform v8.0.16. An attacker can use this vulnerability to obtain sensitive information from t...
New PHP Vulnerability Discovery: Debugging a Security Vulnerability in Edusoho (vulnerability alert, the Black Bar Safety Net)
Modern CMS frameworks (Laravel/Symfony/Slim) have changed where today's PHP vulnerabilities appear, the principles behind them and how they are exploited; this series hopes to summarize the author's hunting of such CMS vulnerabilities. Today's vulnerability is an Edusoho user-table dump vulnerability...
Edusoho Sensitive Information Disclosure Vulnerability
No description provided by source...
EduSoho Stored XSS Can Steal Cookies (Demonstrated on the Official Website)
Brief description: …… Details: User base: In the group community, where posts are made, first create a post, then click edit and switch to source-code mode. Insert the following code: Then post: and you can see it. A few EduSoho cases, by the way:...
EduSoho Online School System Stored XSS
Brief description: Learning has to be taken slowly. Details: Using the official online demo site for the demonstration. Proof of vulnerability: First, register an account. After registering, find any study group on the site; path: http://.../group. Popular groups, so many people! Click to join the group, and then you can post. Yay! In the post body you can actually view the source. So happy... Insert the XSS code. The usual stuff has all been stripped out. Find a way! Create a node and then write the JS content...
EduSoho 5.1.4 /src/Topxia/WebBundle/Controller/SearchController.php SQL Injection Vulnerability
No description provided by source...
EduSoho Latest Version Leaks accessKey and secretKey in Two Places
Brief description: Can be used to re-bind on the official site, send cloud SMS, and download and install apps. Details: The problem is in the install file /start-install.php false, ; $twig-addGlobal'edushoversion', \Topxia\System::VERSION; $step =intvalempty$GET'step' ? 0 : $GET'step'; $functionName = 'installstep' . $step; $functionName; use Topxia\Service\Common\ServiceKernel; use...
EduSoho Generic Online Classroom Product Arbitrary Deletion, Round Two
Brief description: The vendor had a great attitude and fixed it really fast. They gave me a test site to help test, so here I am again. Details: Let's look at the group posting area. http://t5.edusoho.cn/group/2/thread/7?page=1post-85 Post any reply. Then there's a bit of a problem in the delete function. Capture a packet and take a look. As above... the POST URL contains the comment ID and the member ID, and both parameters can be obtained from the post. Modify as follows, send the data, go back and check the result. It's gone... Proof of vulnerability: Let's look at the group posting area. http://t5.edusoho.cn/group/2/thread/7?page=1post-85 Post any reply....
EduSoho Generic Online Classroom Product Arbitrary Message Deletion
Brief description: An online learning site, looks pretty good. Details: Recently I've been looking at game development and the like, and was watching an open course on an online classroom. By chance I saw the admin had sent me a private message saying the code I wrote had won a prize; I was so happy... After that, I got interested in the URL's id parameter... Then I saw this layout, which seemed to be generic, and clicked through to take a look. OK, saw the success cases. Saves me searching on a search engine. Copy a few over: 泰课在线 www.taikr.com, 开源力量 www.osforce.cn, 小象学院 www.chinahadoop.cn, 兄弟连云课堂 http://yun.itxdl.cn, 云知梦 http://www.lampym.com, 美课网...