GUnet OpenEclass E-learning platform 1.7.3 - uname SQL Injection

GUnet OpenEclass E-learning platform 1.7.3 - uname SQL Injection Exploit Title: GUnet OpenEclass E-learning platform 1.7.3 - 'uname' SQL Injection Google Dork: intext:"© GUnet 2003-2007" Date: 2019-11-03 Exploit Author: emaragkos Vendor Homepage: https://www.openeclass.org/ Software Link:...

Rethinking cyber learning—consider gamification

As promised, I’m back with a follow-up to my recent post, Rethinking how we learn security, on how we need modernize the learning experience for cybersecurity professionals by gamifying training to make learning fun. Some of you may have attended the recent Microsoft Ignite events in Orlando and...

Unspecified vulnerability in Moodle (CNVD-2019-43890)

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A security vulnerability exists in Moodle that can be exploited by attackers to bypass security restrictions and perform unauthorized...

Multiple Vulnerabilities in Youmu's Learning Platform

Ltd. is a company that builds institutions' informatized teaching and management support system based on the comprehensive platform of Youmu class online education. There are multiple vulnerabilities in the UMOCL learning platform, which can be exploited by attackers to arbitrarily upload, downlo...

EVABS - Extremely Vulnerable Android Labs

An open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners. The effort is to introduce beginners with very limited or zero knowledge to some of the major and commonly found real-world based Android application...

Multiple loopholes in the cadre online learning platform of Hangzhou Elite Online Education Technology Co.

Hangzhou Elite Online Education Technology Co., Ltd. is a brand of cadre online learning, and has successfully built large-scale cadre education platforms for leading cadres of many organization ministries and other organs in China, providing solutions for all-round intelligent learning. There is...

XXE Vulnerability in Depart.asmx, a Universal Online Learning Platform for MicroXia

Micro Xia Online Learning Platform is an online education system based on B/S architecture. The product/SOPA/Depart.asmx suffers from XXE injection vulnerability, which can be exploited by an attacker to remotely read arbitrary files from the server...

XXE Vulnerability in Employee.asmx File of Microxia Online Learning Platform

Micro Xia Online Learning Platform is an online education system based on B/S architecture. XXE vulnerability exists in the Employee.asmx file of MicroXia Online Learning Platform, which can be exploited by an attacker to remotely read arbitrary files on the server...

Arbitrary File Upload Vulnerability in OrganSetup.aspx Page of MicroXia Online Learning Platform

Micro Xia Online Learning Platform is an online education system based on B/S architecture. An arbitrary file upload vulnerability exists in the OrganSetup.aspx page of Weixia General Online Learning Platform. The vulnerability is caused by the file upload function module on the page not...

Arbitrary file upload vulnerability in the Uploading.ashx file of MicroXia e-learning platform

Micro Xia Online Learning Platform is an online education system based on B/S architecture. An arbitrary file uploading vulnerability exists in the Uploading.ashx file of the Weixia Online Learning Platform. It allows attackers to exploit the vulnerability to upload webshell and gain server...

Moodle Information Disclosure Vulnerability (CNVD-2016-11544)

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment, developed by Dr. Martin Dougiamas of Australia. Moodle has an information disclosure vulnerability that can be exploited by attackers ...

SQL injection vulnerability in news.htm?id=parameter of distance learning platform of Shenzhen Tengchuang Network Technology Co.

Tengchuang Internet Distance Education Platform is centered on real-time interactive online classroom, combining powerful functions such as courseware on demand, course transaction, online payment and online examination to build a perfect online knowledge transaction platform for students and...

SQL injection vulnerability in the distance learning platform courses.htm?recommend= parameter of Shenzhen Tengchuang Network Technology Co.

Tengchuang Internet Distance Education Platform is an online knowledge trading platform centered on real-time interactive online classroom, combining powerful functions such as courseware on-demand, course transaction, online payment, and online examination, etc. for students and teachers in...

SQL injection vulnerability in the coursewares.htm?recommend= parameter of the distance learning platform of Shenzhen Tengchuang Network Technology Co.

Tengchuang Internet Distance Education Platform is an online knowledge trading platform centered on real-time interactive online classroom, combining powerful functions such as courseware on-demand, course transaction, online payment, and online examination, etc. for students and teachers in...

SQL injection vulnerability in the remote education platform teacher.htm?id= parameter of Shenzhen Tengchuang Network Technology Co.

Tengchuang Internet Distance Education Platform is an online knowledge trading platform centered on real-time interactive online classroom, combining powerful functions such as courseware on-demand, course transaction, online payment, and online examination, etc. for students and teachers in...

promotion-sociale-marche.be XSS vulnerability

Vulnerable URL: http://www.promotion-sociale-marche.be/e-learning/claroline/backends/download.php?url=aHR0cDovL2cuZTxzdmcgb25sb2FkPWFsZXJ0KCJYU1NQT1NFRCIpPg==%3D=true=TOUS&7880348a71b083f9544b8331e92830aa=de5c42b513f83b302438c4e30c6df000 Details: Description| Value ---|--- Patched:| No Latest che...

Chamilo LMS Cross-Site Request Forgery Vulnerability

Chamilo LMS is an open source online learning and collaboration system developed by the Chamilo Association. The system supports the creation of instructional content, distance training and online question and answer sessions. Chamilo LMS suffers from cross-site request forgery vulnerabilities th...

eFront Learning 3.6.11 Cross Site Scripting

Affected software: efrontlearning Type of vulnerability: stored xss URL: http://demo.efrontlearning.net/ Discovered by: Provensec Website: http://www.provensec.com Description: Open Source e-Learning Proof of concept version:eFront 3.6.11 goto addd new category...

Docebo LMS <= 4.0.4 - (messages) Remote Code Execution

No description provided by source. ?php / Docebo LMS = v4.0.4 messages remote code execution exploit vendor: http://www.docebo.com/ software link: http://www.docebo.com/community/doceboCms/ author: mrme::rwx kru email: steventhomasseeley!gmail!com We must become the change we want to see in the...

Large power online online distance learning platform 0DAY National Electrical chase to eat)-vulnerability warning-the black bar safety net

Brief description: Long time of vulnerability, the vendor iswww.open.edu.cn, today finishing the blog found this 0day can also use the publication to the next. A plurality of injection vulnerabilities, filtering and etc. but can bypass the database connection configuration file is exposed,...