Simple E-Learning System SQL Injection Vulnerability (CNVD-2023-11437)

Simple E-Learning System is a simple e-learning system from Carlo Montero's personal developer. simple E-Learning System is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements in the parameter phoneNumber of the file /claireblake. statements. An...

Simple E-Learning System SQL Injection Vulnerability (CNVD-2023-11438)

Simple E-Learning System is a simple e-learning system from Carlo Montero's personal developer. Simple E-Learning System is vulnerable to SQL injection, which stems from a missing validation of external input SQL statements in the parameter postid of the file commentframe.php. statement. An...

CVE-2022-2699

A vulnerability was found in SourceCodester Simple E-Learning System. It has been rated as critical. Affected by this issue is some unknown functionality of the file /claireblake. The manipulation of the argument phoneNumber leads to sql injection. The attack may be launched remotely. The exploit...

CVE-2022-2701

A vulnerability classified as problematic was found in SourceCodester Simple E-Learning System. This vulnerability affects unknown code of the file /claireblake. The manipulation of the argument Bio leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclose...

CVE-2022-2704

A vulnerability was found in SourceCodester Simple E-Learning System. It has been declared as problematic. This vulnerability affects unknown code of the file downloadFiles.php. The manipulation of the argument download leads to information disclosure. The attack can be initiated remotely. The...

CVE-2022-2698

A vulnerability was found in SourceCodester Simple E-Learning System. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file search.php. The manipulation of the argument searchPost leads to sql injection. The attack can be launched remotely. The...

Cross site scripting

A vulnerability classified as problematic was found in SourceCodester Simple E-Learning System. This vulnerability affects unknown code of the file /claireblake. The manipulation of the argument Bio leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclose...

Sql injection

A vulnerability was found in SourceCodester Simple E-Learning System. It has been rated as critical. Affected by this issue is some unknown functionality of the file /claireblake. The manipulation of the argument phoneNumber leads to sql injection. The attack may be launched remotely. The exploit...

Sql injection

A vulnerability was found in SourceCodester Simple E-Learning System. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file search.php. The manipulation of the argument searchPost leads to sql injection. The attack can be launched remotely. The...

Information disclosure

A vulnerability was found in SourceCodester Simple E-Learning System. It has been declared as problematic. This vulnerability affects unknown code of the file downloadFiles.php. The manipulation of the argument download leads to information disclosure. The attack can be initiated remotely. The...

Sql injection

A vulnerability was found in SourceCodester Simple E-Learning System. It has been classified as critical. Affected is an unknown function of the file commentframe.php. The manipulation of the argument postid leads to sql injection. It is possible to launch the attack remotely. The exploit has bee...

CVE-2022-2704 SourceCodester Simple E-Learning System downloadFiles.php information disclosure

A vulnerability was found in SourceCodester Simple E-Learning System. It has been declared as problematic. This vulnerability affects unknown code of the file downloadFiles.php. The manipulation of the argument download leads to information disclosure. The attack can be initiated remotely. The...

CVE-2022-2704

CVE-2022-2704 affects the SourceCodester Simple E-Learning System. The vulnerability is in the downloadFiles.php file where the value of the download parameter is not properly validated, allowing arbitrary file downloads and resulting in information disclosure. The issue can be exploited remotely...

CVE-2022-2701 SourceCodester Simple E-Learning System claire_blake cross site scripting

A vulnerability classified as problematic was found in SourceCodester Simple E-Learning System. This vulnerability affects unknown code of the file /claireblake. The manipulation of the argument Bio leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclose...

CVE-2022-2701

The CVE-2022-2701 entry concerns SourceCodester Simple E-Learning System. A cross-site scripting (XSS) vulnerability is triggered by manipulating the Bio parameter in the file /claire_blake, affecting unknown code paths. The attack is remote, and public exploits have been disclosed. Multiple conn...

CVE-2022-2699

SourceCodester Simple E-Learning System is affected by a SQL injection vulnerability in the file /claire_blake, exploiting the phoneNumber parameter. The issue can be triggered remotely and exploits have been disclosed publicly. Affected versions are not clearly specified in the provided document...

CVE-2022-2699 SourceCodester Simple E-Learning System claire_blake sql injection

A vulnerability was found in SourceCodester Simple E-Learning System. It has been rated as critical. Affected by this issue is some unknown functionality of the file /claireblake. The manipulation of the argument phoneNumber leads to sql injection. The attack may be launched remotely. The exploit...

Simple E-Learning System 跨站脚本漏洞

Simple E-Learning System is a simple e-learning system from Carlo Montero's personal developer. Simple E-Learning System is vulnerable to a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data by the parameter Bio in the file...

Simple E-Learning System SQL注入漏洞

Simple E-Learning System is a simple e-learning system from Carlo Montero's personal developer. Simple E-Learning System is vulnerable to SQL injection, which stems from a missing validation of external input SQL statements in the parameter postid of the file commentframe.php. statement. An...

CVE-2022-2698

CVE-2022-2698 affects SourceCodester Simple E-Learning System, specifically the search.php functionality. The vulnerability is a SQL injection in the searchPost parameter that can be exploited remotely, with exploitation disclosed publicly. Multiple connected sources confirm the issue and classif...