CVE-2024-13109

A vulnerability was found in Beijing Yunfan Internet Technology Yunfan Learning Examination System 1.9.2. It has been rated as critical. This issue affects some unknown processing of the file /doc.html. The manipulation leads to improper authorization. The attack may be initiated remotely. The...

CVE-2024-13109 Beijing Yunfan Internet Technology Yunfan Learning Examination System doc.html improper authorization

A vulnerability was found in Beijing Yunfan Internet Technology Yunfan Learning Examination System 1.9.2. It has been rated as critical. This issue affects some unknown processing of the file /doc.html. The manipulation leads to improper authorization. The attack may be initiated remotely. The...

CVE-2024-13109 Beijing Yunfan Internet Technology Yunfan Learning Examination System doc.html improper authorization

A vulnerability was found in Beijing Yunfan Internet Technology Yunfan Learning Examination System 1.9.2. It has been rated as critical. This issue affects some unknown processing of the file /doc.html. The manipulation leads to improper authorization. The attack may be initiated remotely. The...

CVE-2024-13109

CVE-2024-13109 affects Beijing Yunfan Internet Technology Yunfan Learning Examination System v1.9.2. The issue arises from processing of the file /doc.html, enabling improper authorization and a remote-possible attack. Public exploit information is present. Affects a known version; remediation gu...

Yunfan Learning Examination System 安全漏洞

Yunfan Learning Examination System is an examination application from China Yunfan Yunfan Company. A security vulnerability exists in Yunfan Learning Examination System version 1.9.2, which stems from some unknown processing of the file /doc.html that can lead to improper authorization...

PT-2025-2007 · Beijing Yunfan Internet Technology · Yunfan Learning Examination System

Name of the Vulnerable Software and Affected Versions: Beijing Yunfan Internet Technology Yunfan Learning Examination System version 1.9.2 Description: A critical issue has been found in the system, affecting some unknown processing of the file /doc.html. The manipulation leads to improper...

PT-2025-2008 · Beijing Yunfan Internet Technology · Yunfan Learning Examination System

Name of the Vulnerable Software and Affected Versions: Beijing Yunfan Internet Technology Yunfan Learning Examination System version 1.9.2 Description: A problematic issue has been found in the Beijing Yunfan Internet Technology Yunfan Learning Examination System. It affects an unknown function o...

WordPress plugin WPLMS 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

[SECURITY] Fedora 40 Update: moodle-4.3.9-1.fc40

Moodle is a course management system CMS - a free, Open Source software package designed using sound pedagogical principles, to help educators create effective online learning communities...

[SECURITY] Fedora 41 Update: moodle-4.4.5-1.fc41

Moodle is a course management system CMS - a free, Open Source software package designed using sound pedagogical principles, to help educators create effective online learning communities...

PT-2024-36681 · Wplms · Wplms

Name of the Vulnerable Software and Affected Versions: WPLMS versions 1.9.9 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. This can be exploited by uploading malicious files,...

CVE-2024-56053

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in VibeThemes WPLMS allows SQL Injection.This issue affects WPLMS: from n/a before 1.9.9.5.3...

WordPress WPLMS plugin < 1.9.9.5.3 - Subscriber+ Arbitrary File Upload vulnerability

Subscriber+ Arbitrary File Upload vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin WPLMS versions 1.9.9.5.3...

WordPress WPLMS plugin <= 1.9.9 - Unauthenticated Arbitrary File Upload vulnerability

Unauthenticated Arbitrary File Upload vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin WPLMS versions = 1.9.9...

CVE-2024-12127

The Learning Management System, eLearning, Course Builder, WordPress LMS Plugin – Sikshya LMS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘page’ parameter in all versions up to, and including, 0.0.21 due to insufficient input sanitization and output escaping. This...

CVE-2024-12127 Learning Management System, eLearning, Course Builder, WordPress LMS Plugin – Sikshya LMS <= 0.0.21 - Reflected Cross-Site Scripting via page Parameter

The Learning Management System, eLearning, Course Builder, WordPress LMS Plugin – Sikshya LMS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘page’ parameter in all versions up to, and including, 0.0.21 due to insufficient input sanitization and output escaping. This...

WordPress plugin Learning Management System 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

CVE-2024-11868

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.2.7.3 via class-lp-rest-material-controller.php. This makes it possible for unauthenticated attackers to extract potentially sensitive paid course...

CVE-2024-54938

A Directory Listing issue was found in Kashipara E-Learning Management System v1.0, which allows remote attackers to access sensitive files and directories via /admin/uploads...

CVE-2024-54938

A Directory Listing issue was found in Kashipara E-Learning Management System v1.0, which allows remote attackers to access sensitive files and directories via /admin/uploads...