7043 matches found
CVE-2020-36084
SQL Injection vulnerability in SourceCodester Responsive E-Learning System 1.0 allows remote attackers to inject SQL queries into the /elearning/deleteteacherstudents.php?id= parameter via the id field...
CVE-2020-2880
Vulnerability in the Oracle Learning Management product of Oracle E-Business Suite component: OTA Training Activities. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...
CVE-2024-21649
The vantage6 technology enables managing and deploying privacy-enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). Prior to 4.2.0, authenticated users could inject code into algorithm environment variables, resulting in remote code execution. This vulnerability is...
CVE-2024-10470
The WPLMS Learning Management System for WordPress, WordPress LMS theme for WordPress is vulnerable to arbitrary file read and deletion due to insufficient file path validation and permissions checks in the readfile and unlink functions in all versions up to, and including, 4.962. This makes it...
CVE-2024-4349
A vulnerability has been found in SourceCodester Pisay Online E-Learning System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /lesson/controller.php. The manipulation of the argument file leads to unrestricted upload. The attack can be...
SourceCodester Responsive E-Learning System Security Vulnerability
SourceCodester Responsive E-Learning System is an open source e-learning system from Sourcecodester. A security vulnerability exists in SourceCodester Responsive E-Learning System version 1.0. An attacker can exploit this vulnerability to inject a SQL query via the id field in the...
CVE-2020-36084
CVE-2020-36084 describes a SQL Injection vulnerability in SourceCodester Responsive E-Learning System 1.0, where an attacker can inject SQL via the id parameter in /elearning/delete_teacher_students.php?id=. The CVSS metrics indicate a critical risk (CVSS v3.1: 9.8, Network attack vector, no priv...
Security Bulletin: Vulnerabilities in the IBM WebSphere Application Server Liberty version 17.0.0.3 - 24.0.0.5 affect Watson Machine Learning Accelerator on Cloud Pak for Data
Summary: Vulnerabilities in the IBM WebSphere Application Server Liberty version 17.0.0.3 - 24.0.0.5 affect Watson Machine Learning Accelerator on Cloud Pak for Data several releases. It has been fixed in Watson Machine Learning Accelerator on Cloud Pak for Data 5.0.1 release. Vulnerability Details...
PT-2025-2712 · Qualcomm · Qualcomm Snapdragon Auto
Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon Auto affected versions not specified Description: Memory corruption occurs while parsing the ML IE due to invalid frame content. This issue could potentially be exploited for remote code execution. Recommendations: At the...
Exploit for Unrestricted Upload of File with Dangerous Type in Chamilo Chamilo_Lms
CVE-2023-4220 Exploit for CVE-2023-4220 This is an exploit...
CVE-2024-49375 Remote Code Execution via Remote Model Loading in Rasa
Open source machine learning framework. A vulnerability has been identified in Rasa that enables an attacker who has the ability to load a maliciously crafted model remotely into a Rasa instance to achieve Remote Code Execution. The prerequisites for this are: 1. The HTTP API must be enabled on t...
CVE-2025-23042 Gradio Blocked Path ACL Bypass Vulnerability
Gradio is an open-source Python package that allows quick building of demos and web applications for machine learning models, APIs, or any arbitrary Python function. Gradio's Access Control List (ACL) for file paths can be bypassed by altering the letter case of a blocked file or directory path. This...
Malicious code in amzn-aws-glue-ml-libs-python (PyPI)
Source: kam193 e5986d73558862130dbb1317c6a92532786ec34f23d4d88c8fd6273198c5ce45 This is a couple of packages with names appearing to be a library for an AWS or other service. Their only behaviour is to call home on installation or import -...
Rasa Security Vulnerability
Rasa is an open source machine learning framework for automating text and speech based conversations. A security vulnerability exists in Rasa. An attacker exploiting the vulnerability can remotely execute code...
CVE-2024-13265
Improper Neutralization of Directives in Statically Saved Code 'Static Code Injection' vulnerability in Drupal Opigno Learning path allows PHP Local File Inclusion. This issue affects Opigno Learning path: from 0.0.0 before 3.1.2...
CVE-2024-13265 Opigno Learning path - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-029
Improper Neutralization of Directives in Statically Saved Code 'Static Code Injection' vulnerability in Drupal Opigno Learning path allows PHP Local File Inclusion. This issue affects Opigno Learning path: from 0.0.0 before 3.1.2...
CVE-2024-13265
CVE-2024-13265 affects the Opigno Learning Path module used with Drupal. According to the connected documents, the issue is caused by improper neutralization of directives in statically saved code (static code injection), which allows PHP Local File Inclusion and can enable arbitrary code executi...