CVE-2024-5519 ItsourceCode Learning Management System Project In PHP login.php sql injection

A vulnerability classified as critical was found in ItsourceCode Learning Management System Project In PHP 1.0. This vulnerability affects unknown code of the file login.php. The manipulation of the argument useremail leads to sql injection. The attack can be initiated remotely. The exploit has...

PT-2024-36491 · Unknown · Itsourcode Learning Management System

Name of the Vulnerable Software and Affected Versions: ItsourceCode Learning Management System Project In PHP version 1.0 Description: A critical vulnerability was found in the ItsourceCode Learning Management System Project In PHP. This issue affects the file login.php and is related to the...

vantage6 安全漏洞

vantage6 is a vantage6 open source priVAcy preserviNg federalTed leArningG infrastructure for Secure Insight eXchange. A security vulnerability exists in versions of vantage6 prior to 4.5.0 that stems from the ability of collaboration administrators to add additional organizations to their...

Optimizing LMS Integration: 7 Strategies for Enhanced Blended Learning

By Uzair Amir Blended learning, a method that melds in-person teaching with online learning, has become increasingly popular recently. This innovative… This is a post from HackRead.com Read the original post: Optimizing LMS Integration: 7 Strategies for Enhanced Blended Learning...

PT-2024-24129 · Open Quantum Safe · Liboqs

Name of the Vulnerable Software and Affected Versions: Open Quantum Safe liboqs version 10.0 Description: An issue in Open Quantum Safe liboqs allows a remote attacker to escalate privileges via the crypto sign signature parameter in the /pqcrystals-dilithium-standard ml-dsa-44-ipd avx2/sign.c...

CVE-2024-34919

An arbitrary file upload vulnerability in the component \modstudent\controller.php of Pisay Online E-Learning System using PHP/MySQL v1.0 allows attackers to execute arbitrary code via uploading a crafted file...

CVE-2024-34919

The CVE-2024-34919 entry describes an arbitrary file upload in Pisay Online E-Learning System v1.0, specifically the modstudent/controller.php component, enabling attackers to execute arbitrary code via crafted uploads. The vulnerability is associated with PHP/MySQL-based Pisay Online E-Learning ...

CVE-2024-34919

An arbitrary file upload vulnerability in the component \modstudent\controller.php of Pisay Online E-Learning System using PHP/MySQL v1.0 allows attackers to execute arbitrary code via uploading a crafted file...

CVE-2024-34919

An arbitrary file upload vulnerability in the component \modstudent\controller.php of Pisay Online E-Learning System using PHP/MySQL v1.0 allows attackers to execute arbitrary code via uploading a crafted file...

CVE-2024-24882

Improper Privilege Management vulnerability in Masteriyo LMS allows Privilege Escalation.This issue affects LMS: from n/a through 1.7.2...

PT-2024-26248 · Unknown · Pisay Online E-Learning System

Name of the Vulnerable Software and Affected Versions: Pisay Online E-Learning System version 1.0 Description: The issue concerns an arbitrary file upload vulnerability in the modstudentcontroller.php component. This allows attackers to execute arbitrary code by uploading a crafted file. No...

RunGptLLM class in LlamaIndex has a command injection

A command injection vulnerability exists in the RunGptLLM class of the llamaindex library, version 0.9.47, used by the RunGpt framework from JinaAI to connect to Language Learning Models LLMs. The vulnerability arises from the improper use of the eval function, allowing a malicious or compromised...

GHSA-PW38-XV9X-H8CH RunGptLLM class in LlamaIndex has a command injection

A command injection vulnerability exists in the RunGptLLM class of the llamaindex library, version 0.9.47, used by the RunGpt framework from JinaAI to connect to Language Learning Models LLMs. The vulnerability arises from the improper use of the eval function, allowing a malicious or compromised...

CVE-2024-4181

A command injection vulnerability exists in the RunGptLLM class of the llamaindex library, version 0.9.47, used by the RunGpt framework from JinaAI to connect to Language Learning Models LLMs. The vulnerability arises from the improper use of the eval function, allowing a malicious or compromised...

CVE-2024-4181 Command Injection in run-llama/llama_index

A command injection vulnerability exists in the RunGptLLM class of the llamaindex library, version 0.9.47, used by the RunGpt framework from JinaAI to connect to Language Learning Models LLMs. The vulnerability arises from the improper use of the eval function, allowing a malicious or compromised...

CVE-2024-4181 Command Injection in run-llama/llama_index

A command injection vulnerability exists in the RunGptLLM class of the llamaindex library, version 0.9.47, used by the RunGpt framework from JinaAI to connect to Language Learning Models LLMs. The vulnerability arises from the improper use of the eval function, allowing a malicious or compromised...

CVE-2024-4181

The CVE-2024-4181 issue affects llama_index (RunGptLLM class) version 0.9.47 used by RunGpt framework to connect to LLMs. Root cause: unsafe use of eval enabling a malicious or compromised LLM hosting provider to run arbitrary commands on a client machine. Impact statements in sources indicate th...

编号撤回

wandb is a tool for visualizing and tracking machine learning experiments. This CVE number has been withdrawn...

CVE-2024-35171

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Academy LMS academy.This issue affects Academy LMS: from n/a through 1.9.25...

CVE-2024-34359

CVE-2024-34359 affects llama-cpp-python (Python bindings for llama.cpp). The vulnerability arises when init loads a model’s chat template from the gguf metadata and constructs self.chat_handler via llama_chat_format.Jinja2ChatFormatter.to_chat_handler(), using a sandbox-less Jinja2 Environment. R...