CVE-2024-50671

Incorrect access control in Adapt Learning Adapt Authoring Tool = 0.11.3 allows attackers with Authenticated User roles to obtain email addresses via the "Get users" feature. The vulnerability occurs due to a flaw in permission verification logic, where the wildcard character in permitted URLs...

CVE-2024-50672

Summary: CVE-2024-50672 affects Adapt Learning Adapt Authoring Tool versions <= 0.11.3. A NoSQL injection flaw arises from insufficient input validation, where attacker-controlled input is used in a Mongoose find() query. This can allow unauthenticated users to reset passwords for regular and ...

PT-2024-34388 · Adapt Learning +1 · Adapt Learning Adapt Authoring Tool +1

Name of the Vulnerable Software and Affected Versions: Adapt Learning Adapt Authoring Tool versions = 0.11.3 Description: A NoSQL injection issue allows unauthenticated attackers to reset user and administrator account passwords via the "Reset password" feature. This occurs due to insufficient...

CVE-2024-50671

CVE-2024-50671 concerns Adapt Learning’s Adapt Authoring Tool (versions

The vulnerability in the virtual learning environment Moodle, related to the manipulation of cross-site requests, allows a hacker to perform a CSRF attack.

The vulnerability in the virtual learning environment Moodle is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to perform a CSRF attack remotely...

The vulnerability of the Chamilo LMS electronic learning and content management system lies in the lack of measures to neutralize instructions within the dynamically executed code, allowing a violator to execute arbitrary code.

The vulnerability of the Chamilo LMS electronic learning and content management system lies in the lack of measures taken to neutralize instructions within the dynamically executed code. Exploitation of this vulnerability could allow a malicious actor to execute arbitrary code remotely...

ROS-20241121-05

The vulnerability in the Moodle virtual learning environment is related to issues with controlling the visibility of user information in gradebook reports. of user information in gradebook reports. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to...

ROS-20241121-01

Vulnerability in Moodle virtual learning environment related to excessive data output by application in Messaging error message. Messaging error message. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to confidential information. remotely, to...

Moodle 安全漏洞

Moodle is a free e-learning software platform open-sourced by Moodle, also known as a course management system, learning management system, or virtual learning environment. A security vulnerability exists in Moodle that stems from the need to perform additional checks to ensure that users only ha...

Researchers Warn of Privilege Escalation Risks in Google's Vertex AI ML Platform

Cybersecurity researchers have disclosed two security flaws in Google's Vertex machine learning ML platform that, if successfully exploited, could allow malicious actors to escalate privileges and exfiltrate models from the cloud. "By exploiting custom job permissions, we were able to escalate ou...

IBM Security ReaQta Cross-Site Scripting Vulnerability

ReaQta is an advanced endpoint security platform from IBM Security that utilizes artificial intelligence and machine learning technologies to identify, manage and automate responses to cybersecurity threats. A cross-site scripting vulnerability exists in Security ReaQta that stems from the...

Chamilo LMS 安全漏洞

Chamilo LMS is an open source online learning and collaboration system from Chamilo Open Source. The system supports the creation of instructional content, distance training, and online question and answer sessions. A security vulnerability exists in Chamilo LMS version v.1.11.26, which stems fro...

Moodle Access Control Error Vulnerability

Moodle is Moodle open source set of free e-learning software platform, also known as course management system, learning management system or virtual learning environment. Moodle suffers from an Access Control Error vulnerability that stems from insufficient access control over the inclusion of an...

CVE-2024-50831

A SQL Injection was found in /admin/adminuser.php in kashipara E-learning Management System Project 1.0 via the username and password parameters...

CVE-2024-50831

A SQL Injection was found in /admin/adminuser.php in kashipara E-learning Management System Project 1.0 via the username and password parameters...

CVE-2024-50830

A SQL Injection vulnerability was found in /admin/calendarofevents.php in kashipara E-learning Management System Project 1.0 via the datestart, dateend, and title parameters...

CVE-2024-50826

A SQL Injection vulnerability was found in /admin/addcontent.php in kashipara E-learning Management System Project 1.0 via the title and content parameters...

CVE-2024-50824

A SQL Injection vulnerability was found in /admin/class.php in kashipara E-learning Management System Project 1.0 via the classname parameter...

CVE-2024-50829

A SQL Injection vulnerability was found in /admin/editsubject.php in kashipara E-learning Management System Project 1.0 via the unit parameter...

CVE-2024-50827

A SQL Injection vulnerability was found in /admin/addsubject.php in kashipara E-learning Management System Project 1.0 via the subjectcode parameter...