CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2025/09/24 5:35 a.m.•12 views

CVE-2025-10782

A security flaw has been discovered in Campcodes Online Learning Management System 1.0. Affected is an unknown function of the file /admin/class.php. Performing manipulation of the argument classname results in sql injection. The attack is possible to be carried out remotely. The exploit has been...

9.8CVSS7AI score0.00387EPSS

RedhatCVE•added 2025/09/24 5:35 a.m.•11 views

CVE-2025-10783

A weakness has been identified in Campcodes Online Learning Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/addsubject.php. Executing manipulation of the argument subjectcode can lead to sql injection. The attack may be performed from remote. T...

9.8CVSS7AI score0.00387EPSS

RedhatCVE•added 2025/09/24 4:13 a.m.•9 views

CVE-2025-10781

A vulnerability was identified in Campcodes Online Learning Management System 1.0. This impacts an unknown function of the file /admin/editclass.php. Such manipulation of the argument classname leads to sql injection. The attack can be executed remotely. The exploit is publicly available and migh...

9.8CVSS7.1AI score0.00387EPSS

Packet Storm News•added 2025/09/24 12:0 a.m.•3 views

Can Federated Learning Safeguard Private Data in LLM Training? Vulnerabilities, Attacks, and Defense Evaluation

Fine-tuning large language models LLMs with local data is a widely adopted approach for organizations seeking to adapt LLMs to their specific domains. Given the shared characteristics in data across different organizations, the idea of collaboratively fine-tuning an LLM using data from multiple...

6.9AI score

Packet Storm News•added 2025/09/24 12:0 a.m.•6 views

Bi-GRPO: Bidirectional Optimization for Jailbreak Backdoor Injection on LLMs

With the rapid advancement of large language models LLMs, their robustness against adversarial manipulations, particularly jailbreak backdoor attacks, has become critically important. Existing approaches to embedding jailbreak triggers--such as supervised fine-tuning SFT, model editing, and...

7.3AI score

Positive Technologies•added 2025/09/23 12:0 a.m.•3 views

PT-2025-39212

Name of the Vulnerable Software and Affected Versions Chamilo versions prior to 1.11.34 Description Chamilo is a learning management system. A Cross-Site Request Forgery CSRF issue allows an attacker to delete projects within a course without the victim’s consent. Sensitive actions, such as proje...

8.1CVSS5.8AI score0.00151EPSS

Exploits0References5

Positive Technologies•added 2025/09/23 12:0 a.m.•2 views

PT-2025-39153

🗣️ CVE-2025-9125: Cross-Site Scripting Flaw in Lectora Courses Puts E-Learning Platforms at Risk https://t.co/EeMX3DPpeO...

6.3AI score

Exploits0References2

Positive Technologies•added 2025/09/23 12:0 a.m.•3 views

PT-2025-39214

Name of the Vulnerable Software and Affected Versions Chamilo versions prior to 1.11.34 Description Chamilo is a learning management system susceptible to a stored cross-site scripting XSS issue. An attacker with limited access, such as a trainer, can inject malicious JavaScript into the course...

9CVSS5.9AI score0.00253EPSS

Exploits0References9

Packet Storm News•added 2025/09/23 12:0 a.m.•8 views

Towards Adapting Federated and Quantum Machine Learning for Network Intrusion Detection: a Survey

This survey explores the integration of Federated Learning FL with Network Intrusion Detection Systems NIDS, with particular emphasis on deep learning and quantum machine learning approaches. FL enables collaborative model training across distributed devices while preserving data privacy-a critic...

6.8AI score

Packet Storm News•added 2025/09/23 12:0 a.m.•5 views

Semantic-Aware Fuzzing: an Empirical Framework for LLM-Guided, Reasoning-Driven Input Mutation

Security vulnerabilities in Internet-of-Things devices, mobile platforms, and autonomous systems remain critical. Traditional mutation-based fuzzers -- while effectively explore code paths -- primarily perform byte- or bit-level edits without semantic reasoning. Coverage-guided tools such as AFL+...

7.2AI score

NVD•added 2025/09/22 10:15 p.m.•3 views

CVE-2025-10817

A weakness has been identified in Campcodes Online Learning Management System 1.0. This vulnerability affects unknown code of the file /admin/adminuser.php. Executing manipulation of the argument firstname can lead to sql injection. The attack may be launched remotely. The exploit has been made...

9.8CVSS0.00384EPSS

OSV•added 2025/09/22 10:15 p.m.•2 views

CVE-2025-10817

9.8CVSS7AI score0.00384EPSS

Vulnrichment•added 2025/09/22 10:2 p.m.•3 views

CVE-2025-10817 Campcodes Online Learning Management System admin_user.php sql injection

7.5CVSS6.9AI score0.00384EPSS

Cvelist•added 2025/09/22 10:2 p.m.•10 views

CVE-2025-10817 Campcodes Online Learning Management System admin_user.php sql injection

7.5CVSS0.00384EPSS

CVE•added 2025/09/22 10:2 p.m.•16 views

CVE-2025-10817

CVE-2025-10817 affects Campcodes Online Learning Management System 1.0. The vulnerability is a SQL injection in the /admin/admin_user.php file caused by manipulating the firstname parameter. The issue can be exploited remotely and the exploit is publicly available. Multiple connected sources conf...

9.8CVSS6.9AI score0.00384EPSS

Exploits1References5Affected Software1

NVD•added 2025/09/22 7:15 p.m.•2 views

CVE-2025-10810

A vulnerability was detected in Campcodes Online Learning Management System 1.0. The impacted element is an unknown function of the file /admin/edituser.php. Performing manipulation of the argument firstname results in sql injection. The attack is possible to be carried out remotely. The exploit ...

9.8CVSS0.00629EPSS

Cvelist•added 2025/09/22 6:32 p.m.•9 views

CVE-2025-10810 Campcodes Online Learning Management System edit_user.php sql injection

7.5CVSS0.00629EPSS

Vulnrichment•added 2025/09/22 6:32 p.m.•1 views

CVE-2025-10810 Campcodes Online Learning Management System edit_user.php sql injection

7.5CVSS6.7AI score0.00629EPSS