Times bright China e-Learning system /resin-doc/examples/security-basic/viewfile parameter file arbitrary file read vulnerability

No description provided by source...

Chamlio LMS Cross-Site Scripting Vulnerability

Chamilo is an open source e-learning and content management system. A cross-site scripting vulnerability exists in Chamilo LMS, which allows remote attackers to inject malicious script code into the client side of the affected application module...

Arbitrary File Content Disclosure in Atutor

High-Tech Bridge Security Research Lab discovered path traversal vulnerability in a popular web-based e-learning system Atutor. A remote attacker can view contents of arbitrary local files on the target system with privileges of the web server. The vulnerability may allow an attacker gain access ...

Forma Lms SQL Injection Vulnerability

Forma Lms is an open source web-based learning management system LMS. A SQL injection vulnerability exists in Forma Lms, which allows remote attackers to exploit the vulnerability by submitting specially crafted SQL queries to manipulate or obtain database data...

Blackboard Learning System 5.x/6.0 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/10101/info Blackboard Learning System has been reported prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly validate user supplied URI input. The first...

Blackboard Learning System 6.0 Dropbox File Download Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10515/info It is reported that Blackboard improperly allows users to download files posted in the 'Digital Dropbox'. Files in the dropbox are intended for the course administrators. The application does not verify that th...

Blackboard Learning System <= 8.0 SP6 Unspecified XSS

According to its version number, the Blackboard Learning System, now known as Blackboard Learn, install hosted on the remote web server is affected by an unspecified cross-site scripting vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the application's...

CVE-2009-2148

SQL injection vulnerability in news/index.php in Campus Virtual-LMS allows remote attackers to execute arbitrary SQL commands via the id parameter...

Moodle: Sensitive File Disclosure

Moodle File Disclosure Vulnerability Systems Affected Moodle series 1.6.9+, 1.7.7+, 1.8.9, 1.9.5 Severity Critical Probability of being vulnerable Rather Low Vendor http://moodle.org/ Filed Bug MDL-18552 Author Christian J. Eibl Date 20090327 I. BACKGROUND Moodle is an open source webbased learni...

CVE-2008-3363

Directory traversal vulnerability in userportal.php in the Dokeos E-Learning System 1.8.5 on Windows allows remote attackers to include and execute arbitrary local files via a ..\ dot dot backslash in the include parameter...

CVE-2008-3363

Affected software: Dokeos E-Learning System 1.8.5 (Windows). Vulnerable component: user_portal.php; issue: directory traversal leading to local file inclusion in include parameter. Root cause: insufficient sanitization of user input. Impact (as stated): remote attacker can view local files or exe...

CVE-2008-3363

Directory traversal vulnerability in userportal.php in the Dokeos E-Learning System 1.8.5 on Windows allows remote attackers to include and execute arbitrary local files via a ..\ dot dot backslash in the include parameter...

Dokeos E-Learning System 1.8.5 Local File Inclusion Vulnerability

No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-08-029 Application: Dokeos E-Learning System Versions Affected: 1.8.5 Vendor URL: http://dokeos.com/ Bug: Local File Include Exploits: YES Reported: 01.07.2008 Vendor response: 05.07.2008 Solution: YES Date ...

Dokeos E-Learning System 1.8.5 Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ================================================================= Dokeos E-Learning System 1.8.5 Local File Inclusion Vulnerability ================================================================= Digital Security Research Group DSecRG...

Dokeos E-Learning System 1.8.5 - Local File Inclusion

Dokeos E-Learning System 1.8.5 - Local File Inclusion Digital Security Research Group DSecRG Advisory DSECRG-08-029 Application: Dokeos E-Learning System Versions Affected: 1.8.5 Vendor URL: http://dokeos.com/ Bug: Local File Include Exploits: YES Reported: 01.07.2008 Vendor response: 05.07.2008...

Dokeos E-Learning System 1.8.5 - Local File Inclusion

Digital Security Research Group DSecRG Advisory DSECRG-08-029 Application: Dokeos E-Learning System Versions Affected: 1.8.5 Vendor URL: http://dokeos.com/ Bug: Local File Include Exploits: YES Reported: 01.07.2008 Vendor response: 05.07.2008 Solution: YES Date of Public Advisory: 17.07.2008...

Interact E-Learning System 2.4.1 (help.php) LFI Vulnerabilities

Exploit for unknown platform in category web applications =============================================================== Interact E-Learning System 2.4.1 help.php LFI Vulnerabilities =============================================================== Application: Interact E-Learning System Versions...

DSEGRG-08-31.txt

Digital Security Research Group DSecRG Advisory DSECRG-08-31 Application: Interact E-Learning System Versions Affected: 2.4.1 Vendor URL: http://sourceforge.net/projects/cce-interact Bug: Local File Include Exploits: YES Reported: 03.07.2008 Vendor response: 04.07.2008 Solution: YES Date of Publi...

Interact 2.4.1 - &#039;help.php&#039; Local File Inclusion

Digital Security Research Group DSecRG Advisory DSECRG-08-31 Application: Interact E-Learning System Versions Affected: 2.4.1 Vendor URL: http://sourceforge.net/projects/cce-interact Bug: Local File Include Exploits: YES Reported: 03.07.2008 Vendor response: 04.07.2008 Solution: YES Date of Publi...

Interact E-Learning System 2.4.1 (help.php) LFI Vulnerabilities

No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-08-31 Application: Interact E-Learning System Versions Affected: 2.4.1 Vendor URL: http://sourceforge.net/projects/cce-interact Bug: Local File Include Exploits: YES Reported: 03.07.2008 Vendor response:...