Lucene search
K

888 matches found

Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.4 views

PT-2026-32020

Chamilo LMS is a learning management system. Prior to 1.11.38, Twig template files .tpl under /main/template/default/ are directly accessible without authentication via HTTP GET requests. These templates expose internal application logic, variable names, AJAX endpoint URLs, and admin panel...

5.3CVSS5.8AI score0.00245EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.7 views

Chamilo LMS 安全漏洞

Chamilo LMS is an open-source online learning and collaboration system developed by Chamilo. This system supports the creation of teaching content, remote training, and online quizzes. Versions of Chamilo LMS prior to 1.11.38 and 2.0.0-RC.3 contained security vulnerabilities. These vulnerabilitie...

7.1CVSS5.9AI score0.0028EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.5 views

Chamilo LMS 安全漏洞

Chamilo LMS is an open-source online learning and collaboration system developed by Chamilo. This system supports the creation of teaching content, remote training, and online quizzes. Prior to version 1.11.38, Chamilo LMS had a security vulnerability. This vulnerability stemmed from the REST API...

6.5CVSS5.8AI score0.00209EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.9 views

PT-2026-32014

Name of the Vulnerable Software and Affected Versions Chamilo LMS versions prior to 1.11.38 Description Chamilo LMS is a learning management system. A chained attack can enable otherwise-blocked PHP code from the main/install/ directory, allowing an unauthenticated attacker to modify existing fil...

9.3CVSS5.8AI score0.00321EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.9 views

Chamilo LMS 输入验证错误漏洞

Chamilo LMS is an open-source online learning and collaboration system developed by Chamilo. This system supports the creation of teaching content, remote training, and online quizzes. Versions of Chamilo LMS from 1.11.0 to 2.0-beta.1 contain a vulnerability related to input validation errors. Th...

4.7CVSS5.8AI score0.00165EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.4 views

PT-2026-31999

Chamilo LMS is a learning management system. Prior to 1.11.38, there is a path traversal in main/exercise/savescores.php leading to arbitrary file feletion. User input from $ REQUEST'test' is concatenated directly into filesystem path without canonicalization or traversal checks. This vulnerabili...

8.3CVSS5.9AI score0.0035EPSS
Exploits0References4
NVD
NVD
added 2026/04/08 9:16 p.m.2 views

CVE-2026-39415

Frappe Learning Management System LMS is a learning system that helps users structure their content. Prior to 2.46.0, a vulnerability has been identified in Frappe Learning where quiz scores can be modified by students before submission. The application currently relies on client-side calculated...

5.3CVSS0.00262EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/08 8:7 p.m.2 views

CVE-2026-39415 Frappe Learning Management System has Client-Side Manipulation of Quiz Scores

Frappe Learning Management System LMS is a learning system that helps users structure their content. Prior to 2.46.0, a vulnerability has been identified in Frappe Learning where quiz scores can be modified by students before submission. The application currently relies on client-side calculated...

5.3CVSS5.8AI score0.00262EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/08 8:7 p.m.4 views

EUVD-2026-20603

Frappe Learning Management System LMS is a learning system that helps users structure their content. Prior to 2.46.0, a vulnerability has been identified in Frappe Learning where quiz scores can be modified by students before submission. The application currently relies on client-side calculated...

5.3CVSS5.8AI score0.00262EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/04/08 12:54 p.m.7 views

WordPress Masteriyo - LMS plugin <= 2.1.5 - Payment Bypass vulnerability

WordPress Masteriyo - LMS plugin = 2.1.5 - Payment Bypass vulnerability discovered by davidfdzmorilla in WordPress Plugin Masteriyo - LMS versions = 2.1.5...

5.8AI score0.00246EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.6 views

Frappe Learning Management System 安全漏洞

Frappe Learning Management System is an easy-to-use open-source learning management system developed by Frappe. Versions of the Frappe Learning Management System prior to 2.46.0 contained security vulnerabilities. These vulnerabilities stemmed from reliance on client-side calculations for quiz...

5.3CVSS5.8AI score0.00262EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/05 9:30 a.m.5 views

EUVD-2026-19040

A flaw has been found in Campcodes Complete Online Learning Management System 1.0. This impacts the function addlesson of the file /application/models/Crudmodel.php. This manipulation causes unrestricted upload. It is possible to initiate the attack remotely. The exploit has been published and ma...

6.5CVSS6.3AI score0.00257EPSS
Exploits0References6
NVD
NVD
added 2026/04/05 7:16 a.m.6 views

CVE-2026-5546

A flaw has been found in Campcodes Complete Online Learning Management System 1.0. This impacts the function addlesson of the file /application/models/Crudmodel.php. This manipulation causes unrestricted upload. It is possible to initiate the attack remotely. The exploit has been published and ma...

6.5CVSS0.00257EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/05 6:0 a.m.1 views

CVE-2026-5546 Campcodes Complete Online Learning Management System Crud_model.php add_lesson unrestricted upload

A flaw has been found in Campcodes Complete Online Learning Management System 1.0. This impacts the function addlesson of the file /application/models/Crudmodel.php. This manipulation causes unrestricted upload. It is possible to initiate the attack remotely. The exploit has been published and ma...

6.5CVSS6.3AI score0.00257EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/05 12:0 a.m.11 views

CampCodes Complete Online Learning Management System 代码问题漏洞

CampCodes Complete Online Learning Management System is an online learning system developed by the Philippine company CampCodes. Version 1.0 of the Campcodes Complete Online Learning Management System has a code vulnerability. This vulnerability stems from improper upload restrictions in the...

6.5CVSS6.8AI score0.00257EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/03 11:2 p.m.4 views

CVE-2026-34606

Frappe Learning Management System LMS is a learning system that helps users structure their content. From version 2.27.0 to before version 2.48.0, Frappe LMS was vulnerable to stored XSS. This issue has been patched in version 2.48.0...

6.9CVSS5.8AI score0.00189EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/02 5:50 p.m.16 views

CVE-2026-34606 Stored XSS in Frappe LMS

Frappe Learning Management System LMS is a learning system that helps users structure their content. From version 2.27.0 to before version 2.48.0, Frappe LMS was vulnerable to stored XSS. This issue has been patched in version 2.48.0...

6.9CVSS0.00189EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/02 5:50 p.m.4 views

EUVD-2026-18462

Frappe Learning Management System LMS is a learning system that helps users structure their content. From version 2.27.0 to before version 2.48.0, Frappe LMS was vulnerable to stored XSS. This issue has been patched in version 2.48.0...

6.9CVSS5.8AI score0.00189EPSS
Exploits0References4
CVE
CVE
added 2026/04/02 5:50 p.m.11 views

CVE-2026-34606

CVE-2026-34606 concerns Frappe LMS. The vulnerability is a stored XSS affecting Frappe LMS releases from version 2.27.0 up to 2.47.x (i.e., before 2.48.0). The issue has been patched in 2.48.0 . The provided sources do not supply exploit details, affected modules, or specific attack vectors beyon...

6.9CVSS5.8AI score0.00189EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.7 views

Frappe Learning Management System 跨站脚本漏洞

Frappe Learning Management System is an easy-to-use open-source learning management system developed by Frappe. Versions of the Frappe Learning Management System from 2.27.0 to 2.48.0 had a cross-site scripting vulnerability, which originated from a stored-cross-site scripting vulnerability...

6.9CVSS5.6AI score0.00189EPSS
Exploits0References4
Rows per page
Query Builder