Lucene search
K

71 matches found

CVE
CVE
added 2020/08/19 11:50 a.m.46 views

CVE-2020-24381

GUnet Open eClass Platform (openeclass) prior to 3.11 is vulnerable to reading submitted assessments due to directory listing not being blocked and the data directory being inside the web root. This could allow remote attackers to access student submissions. The affected product/version is public...

7.5CVSS7.4AI score0.01356EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/08/19 11:50 a.m.33 views

CVE-2020-24381

GUnet Open eClass Platform aka openeclass before 3.11 might allow remote attackers to read students' submitted assessments because it does not ensure that the web server blocks directory listings, and the data directory is inside the web root by default...

7.5AI score0.01356EPSS
Exploits1References2
0day.today
0day.today
added 2020/03/03 12:0 a.m.140 views

GUnet OpenEclass 1.7.3 E-learning platform - (month) SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: GUnet OpenEclass 1.7.3 E-learning platform - 'month' SQL Injection Google Dork: intext:"© GUnet 2003-2007" Exploit Author: emaragkos Vendor Homepage: https://www.openeclass.org/ Software Link:...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/03 12:0 a.m.216 views

GUnet OpenEclass 1.7.3 E-learning platform - 'month' SQL Injection

Exploit Title: GUnet OpenEclass 1.7.3 E-learning platform - 'month' SQL Injection Google Dork: intext:"© GUnet 2003-2007" Date: 2020-03-02 Exploit Author: emaragkos Vendor Homepage: https://www.openeclass.org/ Software Link: http://download.openeclass.org/files/1.7/eclass-1.7.3.tar.gz Version:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2020/03/03 12:0 a.m.66 views

GUnet OpenEclass 1.7.3 E-learning platform - month SQL Injection

GUnet OpenEclass 1.7.3 E-learning platform - month SQL Injection Exploit Title: GUnet OpenEclass 1.7.3 E-learning platform - 'month' SQL Injection Google Dork: intext:"© GUnet 2003-2007" Date: 2020-03-02 Exploit Author: emaragkos Vendor Homepage: https://www.openeclass.org/ Software Link:...

Exploits0
exploitpack
exploitpack
added 2020/02/24 12:0 a.m.41 views

GUnet OpenEclass E-learning platform 1.7.3 - uname SQL Injection

GUnet OpenEclass E-learning platform 1.7.3 - uname SQL Injection Exploit Title: GUnet OpenEclass E-learning platform 1.7.3 - 'uname' SQL Injection Google Dork: intext:"© GUnet 2003-2007" Date: 2019-11-03 Exploit Author: emaragkos Vendor Homepage: https://www.openeclass.org/ Software Link:...

Exploits0
Exploit DB
Exploit DB
added 2020/02/24 12:0 a.m.145 views

GUnet OpenEclass E-learning platform 1.7.3 - 'uname' SQL Injection

Exploit Title: GUnet OpenEclass E-learning platform 1.7.3 - 'uname' SQL Injection Google Dork: intext:"© GUnet 2003-2007" Date: 2019-11-03 Exploit Author: emaragkos Vendor Homepage: https://www.openeclass.org/ Software Link: http://download.openeclass.org/files/1.7/eclass-1.7.3.tar.gz Version:...

7.4AI score
Exploits0
NVD
NVD
added 2017/04/01 2:59 a.m.14 views

CVE-2017-7389

Multiple Cross-Site Scripting XSS were discovered in 'openeclass Release3.5.4'. The vulnerabilities exist due to insufficient filtration of user-supplied data meetingid, user passed to the 'openeclass-master/modules/tc/webconf/webconf.php' URL. An attacker could execute arbitrary HTML and script...

6.1CVSS6.1AI score0.00838EPSS
Exploits1References2
OSV
OSV
added 2017/04/01 2:59 a.m.12 views

CVE-2017-7389

Multiple Cross-Site Scripting XSS were discovered in 'openeclass Release3.5.4'. The vulnerabilities exist due to insufficient filtration of user-supplied data meetingid, user passed to the 'openeclass-master/modules/tc/webconf/webconf.php' URL. An attacker could execute arbitrary HTML and script...

6.1CVSS6.1AI score
Exploits0References2
CVE
CVE
added 2017/04/01 1:7 a.m.45 views

CVE-2017-7389

CVE-2017-7389 affects Open eClass Release_3.5.4. The vulnerability is a Cross-Site Scripting (XSS) due to insufficient filtering of user-supplied data (meeting_id, user) passed to the openeclass-master/modules/tc/webconf/webconf.php URL. An attacker could cause the browser to execute arbitrary HT...

6.1CVSS6AI score0.00838EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2017/04/01 1:7 a.m.18 views

CVE-2017-7389

Multiple Cross-Site Scripting XSS were discovered in 'openeclass Release3.5.4'. The vulnerabilities exist due to insufficient filtration of user-supplied data meetingid, user passed to the 'openeclass-master/modules/tc/webconf/webconf.php' URL. An attacker could execute arbitrary HTML and script...

6.1AI score0.00838EPSS
Exploits1References2
Rows per page
Query Builder