CVE-2024-54932

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/deletedepartment.php...

CVE-2024-54918

Kashipara E-learning Management System v1.0 is vulnerable to Remote Code Execution via File Upload in /teacheravatar.php...

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0, which originates from an SQL injection vulnerability in /admin/deletecontent.php...

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0, which originates from an SQL injection vulnerability in /admin/deletestudent.php...

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0. An attacker can exploit the vulnerability to access the database by executing arbitrary SQL commands via the firstname, lastname,...

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0. An attacker can exploit this vulnerability to execute arbitrary scripts via the mymessage parameter...

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0. An attacker can exploit this vulnerability to execute arbitrary Java script via the filename parameter...

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0. An attacker can exploit the vulnerability to access sensitive files and directories via /admin/assets...

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0, which originates from an SQL injection vulnerability in /admin/deletesubject.php...

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0. An attacker can exploit this vulnerability to execute arbitrary scripts via the mymessage parameter...

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0. An attacker can exploit this vulnerability to gain unauthorized access to the database by executing arbitrary SQL commands via the...

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0. An attacker can exploit this vulnerability to execute arbitrary SQL commands to access the database via the department parameter...

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0, which originates from a SQL injection vulnerability in /admin/deleteteacher.php...

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0, which originates from an SQL injection vulnerability in /admin/deleteusers.php...

CVE-2024-54925

CVE-2024-54925 is a SQL injection vulnerability in Kashipara E-learning Management System v1.0. The flaw resides in the /remove_sent_message.php endpoint (parameter: id), allowing remote attackers to execute arbitrary SQL commands and gain unauthorized database access. Reported CVSSv3.1 base scor...

CVE-2024-54926

CVE-2024-54926: Kashipara E-learning Management System v1.0 has a SQL Injection in /search_class.php via the school_year parameter, enabling remote attackers to execute arbitrary SQL and access the database. The issue’s root cause is an unsafely handled input in the search_class.php endpoint, wit...

CVE-2024-54921

CVE-2024-54921 affects Kashipara E-learning Management System v1.0, with a SQL injection in /student_signup.php that allows remote attackers to execute arbitrary SQL through the username, firstname, lastname, and class_id parameters, leading to unauthorized database access. The CVSS v3.1 data ind...

CVE-2024-54935

CVE-2024-54935 describes a Stored Cross-Site Scripting (XSS) in the Kashipara E-learning Management System v1.0. The vulnerability is in /send_message_teacher_to_student.php and is exploitable via the my_message parameter, enabling remote attackers to inject and execute arbitrary scripts. Impact ...

CVE-2024-54937

A Directory Listing issue was found in Kashipara E-Learning Management System v1.0, which allows remote attackers to access sensitive files and directories via /admin/assets...

CVE-2024-54924

A SQL Injection was found in /admin/editcontent.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the title and content parameters...