7047 matches found
Simple E-Learning System Information Disclosure Vulnerability
Simple E-Learning System is a simple e-learning system from Carlo Montero's personal developer. version v1.0 of Simple E-Learning System is vulnerable to information disclosure, which can be exploited by attackers to read arbitrary files resulting in information disclosure...
CVE-2022-43319
An information disclosure vulnerability in the component vcs/downloadFiles.php?download=./search.php of Simple E-Learning System v1.0 allows attackers to read arbitrary files...
CVE-2022-43319
An information disclosure vulnerability in the component vcs/downloadFiles.php?download=./search.php of Simple E-Learning System v1.0 allows attackers to read arbitrary files...
Information disclosure
An information disclosure vulnerability in the component vcs/downloadFiles.php?download=./search.php of Simple E-Learning System v1.0 allows attackers to read arbitrary files...
CVE-2022-43319
An information disclosure vulnerability in the component vcs/downloadFiles.php?download=./search.php of Simple E-Learning System v1.0 allows attackers to read arbitrary files...
CVE-2022-43319
An information disclosure vulnerability in the component vcs/downloadFiles.php?download=./search.php of Simple E-Learning System v1.0 allows attackers to read arbitrary files...
CVE-2022-43319
CVE-2022-43319 affects Simple E-Learning System v1.0. The vulnerability resides in the endpoint vcs/downloadFiles.php?download=./search.php, enabling an attacker to read arbitrary files and thus disclose confidential data. The reported impact is High confidentiality loss (CVSS v3.1: AV:N/AC:L/PR:...
Simple E-Learning System 安全漏洞
Simple E-Learning System is a simple e-learning system from Carlo Montero's personal developer. version v1.0 of Simple E-Learning System is vulnerable to information disclosure, which can be exploited by attackers to read arbitrary files resulting in information disclosure...
PT-2022-26845 · Unknown · Simple E-Learning System
Name of the Vulnerable Software and Affected Versions: Simple E-Learning System version 1.0 Description: An information disclosure issue exists in the component "vcs/downloadFiles.php?download=./search.php" of Simple E-Learning System, allowing attackers to read arbitrary files. Recommendations:...
4 Major Benefits of Next Gen SIEM
By Owais Sultan Next gen SIEM is a cloud-native cyberscurity tool that utilizes artificial intelligence and machine learning to discover malicious activity in real-time. This is a post from HackRead.com Read the original post: 4 Major Benefits of Next Gen SIEM...
CVE-2022-41681
There is a vulnerability on Forma LMS version 3.1.0 and earlier that could allow an authenticated attacker with the role of student to privilege escalate in order to upload a Zip file through the SCORM importer feature. The exploitation of this vulnerability could lead to a remote code injection...
CVE-2022-42923
Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL injection vulnerability. The exploitation of this vulnerability could allow an authenticated attacker with the role of student to perform a SQL injection on the 'id' parameter in the 'appCore/index.php?r=adm/mediagallery/delete'...
CVE-2022-42925
There is a vulnerability on Forma LMS version 3.1.0 and earlier that could allow an authenticated attacker with the role of student to privilege escalate in order to upload a Zip file through the plugin upload component. The exploitation of this vulnerability could lead to a remote code injection...
7 Rapid Questions with Toshio Honda, Sr. Security Solutions Engineer
Toshio Honda, Sr. Security Solutions Engineer You have been with Rapid7 for 4 years now, what originally attracted you to work here? I worked for a cybersecurity company who is a leader for the “Prevention” area prior to joining Rapid7, and I was looking for the next opportunity based on 3...
Forma Learning Management System 跨站脚本漏洞
Forma Learning Management System LMS is a Learning Management System LMS. A security vulnerability exists in Forma Learning Management System 3.1.0 and prior versions, which originated from a vulnerability that allows remote attackers to inject JavaScript code into the backurl parameter, which ca...
Forma Learning Management System SQL注入漏洞
Forma Learning Management System LMS is a Learning Management System LMS. A security vulnerability exists in the Forma Learning Management System version 3.1.0, which originates from an SQl injection of the dynfilter parameter of the appLms/ajax.admserver.php?r=widget/userselector/getusertabledat...
Forma Learning Management System 代码问题漏洞
Forma Learning Management System LMS is a learning management system LMS. A security vulnerability exists in Forma Learning Management System version 3.1.0, which originates from the ability to upload a zip file when having student privileges, which could lead to remote code execution...
Forma Learning Management System 代码问题漏洞
Forma Learning Management System LMS is a Learning Management System LMS. A security vulnerability exists in Forma Learning Management System version 3.1.0 and earlier, which can be exploited by an attacker to elevate privileges and upload a Zip file via the SCORM importer feature...
Forma Learning Management System SQL注入漏洞
Forma Learning Management System LMS is a Learning Management System LMS. A security vulnerability exists in the Forma Learning Management System version 3.1.0, which originates from an SQl injection against the id parameter of the appCore/index.php?r=adm/mediagallery/delete function when student...
7 benefits of including a Q&A session as part of a webinar
By Owais Sultan No matter how diligently you prepare an online presentation, you can realistically expect it to leave viewers with… This is a post from HackRead.com Read the original post: 7 benefits of including a Q&A session as part of a webinar...