Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

461 matches found

NVD
NVDadded 2025/02/05 10:15 p.m.9 views

CVE-2020-36084

SQL Injection vulnerability in SourceCodester Responsive E-Learning System 1.0 allows remote attackers to inject sql query in /elearning/deleteteacherstudents.php?id= parameter via id field...

9.8CVSS0.00591EPSS
Exploits1References1
CNNVD
CNNVDadded 2025/02/05 12:0 a.m.4 views

SourceCodester Responsive E-Learning System 安全漏洞

SourceCodester Responsive E-Learning System is an open source e-learning system from Sourcecodester. A security vulnerability exists in SourceCodester Responsive E-Learning System version 1.0. An attacker can exploit this vulnerability to inject a sql query via the id field in the...

9.8CVSS6.9AI score0.00591EPSS
Exploits1References1
CVE
CVEadded 2025/02/05 12:0 a.m.53 views

CVE-2020-36084

CVE-2020-36084 describes a SQL Injection vulnerability in SourceCodester Responsive E-Learning System 1.0, where an attacker can inject SQL via the id parameter in /elearning/delete_teacher_students.php?id=. The CVSS metrics indicate a critical risk (CVSS v3.1: 9.8, Network attack vector, no priv...

9.8CVSS8.2AI score0.00591EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichmentadded 2025/02/05 12:0 a.m.8 views

CVE-2020-36084

SQL Injection vulnerability in SourceCodester Responsive E-Learning System 1.0 allows remote attackers to inject sql query in /elearning/deleteteacherstudents.php?id= parameter via id field...

9.8AI score0.00591EPSS
Exploits1References1
Cvelist
Cvelistadded 2025/02/05 12:0 a.m.13 views

CVE-2020-36084

SQL Injection vulnerability in SourceCodester Responsive E-Learning System 1.0 allows remote attackers to inject sql query in /elearning/deleteteacherstudents.php?id= parameter via id field...

0.00591EPSS
Exploits1References1
CNNVD
CNNVDadded 2025/01/08 12:0 a.m.2 views

Viwis LMS 代码注入漏洞

Viwis LMS is a Learning Management System from Viwis Corporation, USA. A code injection vulnerability exists in Viwis LMS version 9.11, which stems from a cross-site scripting attack caused by manipulation of the filename parameter in the file upload component...

6.9CVSS5AI score0.00141EPSS
Exploits0References3
OSV
OSVadded 2025/01/02 2:15 p.m.1 views

CVE-2024-13111

A vulnerability classified as critical was found in Beijing Yunfan Internet Technology Yunfan Learning Examination System 1.9.2. Affected by this vulnerability is an unknown functionality of the file src/main/java/com/yf/exam/modules/sys/user/controller/SysUserControl of the component JWT Token...

8.1CVSS4.8AI score
Exploits0References5
OSV
OSVadded 2025/01/02 2:15 p.m.1 views

CVE-2024-13110

A vulnerability classified as problematic has been found in Beijing Yunfan Internet Technology Yunfan Learning Examination System 1.9.2. Affected is an unknown function of the file src/main/java/com/yf/exam/modules/paper/controller/PaperController.java, of the component Exam Answer Handler. The...

7.5CVSS4.9AI score
Exploits0References5
NVD
NVDadded 2025/01/02 2:15 p.m.8 views

CVE-2024-13110

A vulnerability classified as problematic has been found in Beijing Yunfan Internet Technology Yunfan Learning Examination System 1.9.2. Affected is an unknown function of the file src/main/java/com/yf/exam/modules/paper/controller/PaperController.java, of the component Exam Answer Handler. The...

7.5CVSS0.00268EPSS
Exploits1References5
NVD
NVDadded 2024/12/09 7:15 p.m.12 views

CVE-2024-54934

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/deleteclass.php...

9.8CVSS0.00159EPSS
Exploits1References1
OSV
OSVadded 2024/12/09 7:15 p.m.1 views

CVE-2024-54934

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/deleteclass.php...

9.8CVSS5.8AI score0.00159EPSS
Exploits1References1
NVD
NVDadded 2024/12/09 7:15 p.m.16 views

CVE-2024-54925

A SQL Injection was found in /removesentmessage.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the id parameter...

9.8CVSS0.0105EPSS
Exploits1References1
OSV
OSVadded 2024/12/09 6:15 p.m.2 views

CVE-2024-54935

A Stored Cross-Site Scripting XSS vulnerability was found in /sendmessageteachertostudent.php of kashipara E-learning Management System v1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the mymessage parameter...

5.4CVSS6AI score0.0034EPSS
Exploits1References1
OSV
OSVadded 2024/12/09 2:15 p.m.1 views

CVE-2024-54929

KASHIPARA E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/deletesubject.php...

7.2CVSS5.8AI score0.00132EPSS
Exploits1References1
CNNVD
CNNVDadded 2024/12/09 12:0 a.m.1 views

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0. An attacker can exploit this vulnerability to execute arbitrary scripts via the mymessage parameter...

5.4CVSS7.2AI score0.0034EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2024/12/09 12:0 a.m.2 views

PT-2024-36442 · Unknown · Kashipara E-Learning Management System

Name of the Vulnerable Software and Affected Versions: kashipara E-learning Management System version 1.0 Description: A SQL injection issue was found in the /admin/edit content.php endpoint, allowing remote attackers to execute arbitrary SQL commands and gain unauthorized access to the database...

9.8CVSS8.6AI score0.0105EPSS
Exploits1References5
Cvelist
Cvelistadded 2024/12/09 12:0 a.m.11 views

CVE-2024-54925

A SQL Injection was found in /removesentmessage.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the id parameter...

0.0105EPSS
Exploits1References1
CVE
CVEadded 2024/12/09 12:0 a.m.53 views

CVE-2024-54928

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_teacher.php. Root cause is improper input handling enabling SQL injection; CVSS v3.1 base score 7.2 (HIGH) with impact to confidentiality, integrity, and availability. Exploitation status is not detailed i...

7.2CVSS8.3AI score0.00107EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologiesadded 2024/12/09 12:0 a.m.2 views

PT-2024-36441 · Unknown · Kashipara E-Learning Management System

Name of the Vulnerable Software and Affected Versions: Kashipara E-learning Management System version 1.0 Description: A SQL injection issue was found in the /admin/edit teacher.php endpoint, allowing remote attackers to execute arbitrary SQL commands and gain unauthorized access to the database...

9.8CVSS8.6AI score0.0105EPSS
Exploits1References5
Cvelist
Cvelistadded 2024/12/09 12:0 a.m.16 views

CVE-2024-54931

A SQL Injection was found in /admin/deleteevent.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the id parameter...

0.0105EPSS
Exploits1References1
Rows per page
Query Builder