Simple E-Learning System SQL Injection Vulnerability (CNVD-2023-11439)

Simple E-Learning System is a simple e-learning system from Carlo Montero's personal developer. simple E-Learning System is vulnerable to SQL injection due to a lack of validation of external input SQL statements in the search.php parameter searchPost. . An attacker could use this vulnerability t...

Simple E-Learning System SQL Injection Vulnerability (CNVD-2023-11437)

Simple E-Learning System is a simple e-learning system from Carlo Montero's personal developer. simple E-Learning System is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements in the parameter phoneNumber of the file /claireblake. statements. An...

Simple E-Learning System Cross-Site Scripting Vulnerability (CNVD-2023-11440)

Simple E-Learning System is a simple e-learning system from Carlo Montero's personal developer. Simple E-Learning System is vulnerable to a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data by the parameter Bio in the file...

Simple E-Learning System SQL Injection Vulnerability (CNVD-2023-11442)

Simple E-Learning System is a simple e-learning system from Carlo Montero's personal developer. simple E-Learning System is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements for the postid parameter. An attacker could use this vulnerability to...

Simple E-Learning System SQL Injection Vulnerability (CNVD-2023-11438)

Simple E-Learning System is a simple e-learning system from Carlo Montero's personal developer. Simple E-Learning System is vulnerable to SQL injection, which stems from a missing validation of external input SQL statements in the parameter postid of the file commentframe.php. statement. An...

Can your EDR handle a ransomware attack? 6-point checklist for an anti-ransomware EDR

Most cybersecurity experts agree that having Endpoint Detection and Response software is essential to fighting ransomware today--but not every EDR is equal. Businesses, especially small-to-medium sized ones with limited budget or IT resources, need to make sure that their EDR is cost-effective,...

CVE-2022-2697

A vulnerability was found in SourceCodester Simple E-Learning System. It has been classified as critical. Affected is an unknown function of the file commentframe.php. The manipulation of the argument postid leads to sql injection. It is possible to launch the attack remotely. The exploit has bee...

CVE-2022-2699

A vulnerability was found in SourceCodester Simple E-Learning System. It has been rated as critical. Affected by this issue is some unknown functionality of the file /claireblake. The manipulation of the argument phoneNumber leads to sql injection. The attack may be launched remotely. The exploit...

CVE-2022-2701

A vulnerability classified as problematic was found in SourceCodester Simple E-Learning System. This vulnerability affects unknown code of the file /claireblake. The manipulation of the argument Bio leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclose...

CVE-2022-2704

A vulnerability was found in SourceCodester Simple E-Learning System. It has been declared as problematic. This vulnerability affects unknown code of the file downloadFiles.php. The manipulation of the argument download leads to information disclosure. The attack can be initiated remotely. The...

CVE-2022-2698

A vulnerability was found in SourceCodester Simple E-Learning System. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file search.php. The manipulation of the argument searchPost leads to sql injection. The attack can be launched remotely. The...

Sql injection

A vulnerability was found in SourceCodester Simple E-Learning System. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file search.php. The manipulation of the argument searchPost leads to sql injection. The attack can be launched remotely. The...

Sql injection

A vulnerability was found in SourceCodester Simple E-Learning System. It has been classified as critical. Affected is an unknown function of the file commentframe.php. The manipulation of the argument postid leads to sql injection. It is possible to launch the attack remotely. The exploit has bee...

Cross site scripting

A vulnerability classified as problematic was found in SourceCodester Simple E-Learning System. This vulnerability affects unknown code of the file /claireblake. The manipulation of the argument Bio leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclose...

Information disclosure

A vulnerability was found in SourceCodester Simple E-Learning System. It has been declared as problematic. This vulnerability affects unknown code of the file downloadFiles.php. The manipulation of the argument download leads to information disclosure. The attack can be initiated remotely. The...

Sql injection

A vulnerability was found in SourceCodester Simple E-Learning System. It has been rated as critical. Affected by this issue is some unknown functionality of the file /claireblake. The manipulation of the argument phoneNumber leads to sql injection. The attack may be launched remotely. The exploit...

CVE-2022-2704 SourceCodester Simple E-Learning System downloadFiles.php information disclosure

A vulnerability was found in SourceCodester Simple E-Learning System. It has been declared as problematic. This vulnerability affects unknown code of the file downloadFiles.php. The manipulation of the argument download leads to information disclosure. The attack can be initiated remotely. The...

CVE-2022-2704

CVE-2022-2704 affects the SourceCodester Simple E-Learning System. The vulnerability is in the downloadFiles.php file where the value of the download parameter is not properly validated, allowing arbitrary file downloads and resulting in information disclosure. The issue can be exploited remotely...

CVE-2022-2701 SourceCodester Simple E-Learning System claire_blake cross site scripting

A vulnerability classified as problematic was found in SourceCodester Simple E-Learning System. This vulnerability affects unknown code of the file /claireblake. The manipulation of the argument Bio leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclose...

CVE-2022-2701

The CVE-2022-2701 entry concerns SourceCodester Simple E-Learning System. A cross-site scripting (XSS) vulnerability is triggered by manipulating the Bio parameter in the file /claire_blake, affecting unknown code paths. The attack is remote, and public exploits have been disclosed. Multiple conn...