PT-2024-34422 · Unknown · Kashipara E-Learning Management System Project

Name of the Vulnerable Software and Affected Versions: kashipara E-learning Management System Project version 1.0 Description: A SQL Injection issue was found in the /admin/class.php file via the class name parameter. This allows for potential exploitation. Recommendations: For kashipara E-learni...

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System version 1.0, which is caused by an SQL injection in the parameter unit...

CVE-2024-50831

CVE-2024-50831 affects the Kashipara E-learning Management System Project 1.0. A SQL injection vulnerability exists in the admin interface at /admin/admin_user.php, exploitable via the username and password parameters. CVSS data from multiple sources indicate a high-severity impact with potential...

CVE-2024-50828

A SQL Injection vulnerability was found in /admin/editdepartment.php in kashipara E-learning Management System Project 1.0 via the d parameter...

CVE-2024-50823

A SQL Injection vulnerability was found in /admin/login.php in kashipara E-learning Management System Project 1.0 via the username and password parameters...

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System version 1.0, which originates from an SQL injection in the parameters datestart, dateend, and title...

PT-2024-21932 · Unknown · Chamilo Lms

Name of the Vulnerable Software and Affected Versions: Chamilo LMS version 1.11.26 Description: A Cross Site Scripting issue allows a remote attacker to escalate privileges via a crafted script to the filename parameter of the home.php component. Recommendations: For Chamilo LMS version 1.11.26,...

Chamilo LMS 安全漏洞

Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. The system supports the creation of instructional content, distance training, and online question and answer sessions. A security vulnerability exists in Chamilo LMS version 1.11.26, which stems...

PT-2024-30350 · Unknown · Masteriyo - Lms

Name of the Vulnerable Software and Affected Versions: Masteriyo - LMS versions 1.11.6 and earlier Description: The issue affects Masteriyo - LMS, allowing access to functionality not properly constrained by ACLs due to a Missing Authorization vulnerability. Recommendations: For Masteriyo - LMS...

JVN#31982676: MUSASI version 3 performing authentication on client-side

MUSASI provided by NEUMANN CO.LTD. is an e-learning system for driving schools. MUSASI version 3 performs authentication within the client-side code CWE-603, and the client in pre-authentication state retrieves the credential information from the server just when a user ID is input. This behavior...

CVE-2024-34919

An arbitrary file upload vulnerability in the component \modstudent\controller.php of Pisay Online E-Learning System using PHP/MySQL v1.0 allows attackers to execute arbitrary code via uploading a crafted file...

CVE-2024-34919

An arbitrary file upload vulnerability in the component \modstudent\controller.php of Pisay Online E-Learning System using PHP/MySQL v1.0 allows attackers to execute arbitrary code via uploading a crafted file...

CVE-2024-34919

An arbitrary file upload vulnerability in the component \modstudent\controller.php of Pisay Online E-Learning System using PHP/MySQL v1.0 allows attackers to execute arbitrary code via uploading a crafted file...

CVE-2024-34919

The CVE-2024-34919 entry describes an arbitrary file upload in Pisay Online E-Learning System v1.0, specifically the modstudent/controller.php component, enabling attackers to execute arbitrary code via crafted uploads. The vulnerability is associated with PHP/MySQL-based Pisay Online E-Learning ...

CVE-2024-24882

Improper Privilege Management vulnerability in Masteriyo LMS allows Privilege Escalation.This issue affects LMS: from n/a through 1.7.2...

CVE-2024-33912

Missing Authorization vulnerability in Academy LMS.This issue affects Academy LMS: from n/a through 1.9.16...

CVE-2024-4349

A vulnerability has been found in SourceCodester Pisay Online E-Learning System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /lesson/controller.php. The manipulation of the argument file leads to unrestricted upload. The attack can be...

CVE-2024-4349

CVE-2024-4349 affects SourceCodester Pisay Online E-Learning System 1.0. The vulnerability lies in the /lesson/controller.php file where manipulating the file parameter leads to unrestricted uploads. It can be exploited remotely, and publicly disclosed exploit information exists (VDB-262489). Rem...

CVE-2024-4349 SourceCodester Pisay Online E-Learning System controller.php unrestricted upload

A vulnerability has been found in SourceCodester Pisay Online E-Learning System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /lesson/controller.php. The manipulation of the argument file leads to unrestricted upload. The attack can be...

Totara LMS 代码注入漏洞

Totara LMS is a learning management system from Totara. A cross-site scripting vulnerability exists in Totara LMS version 18.0.1 Build 20231128.01, which stems from the fact that admin/roles/check.php in the component Profile Handler contains some unknown functions that lead to cross-site scripti...