Lucene search
K

16 matches found

CVE
CVE
added 5 days ago11 views

CVE-2026-14753

The CVE-2026-14753 entry concerns the mjperpinosa stumasy project (Note Handler/Assignment Handler) with a vulnerability in the /PHP/objects/notes component. The root cause is a manipulation of the argument assignment_item_id that results in an authorization bypass. The flaw can be triggered remo...

7.5CVSS6.7AI score0.00309EPSS
Exploits0References6
Cvelist
Cvelist
added 5 days ago27 views

CVE-2026-14753 mjperpinosa stumasy Note Handler/Assignment notes authorization

A vulnerability was detected in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. This impacts an unknown function of the file /PHP/objects/notes of the component Note Handler/Assignment Handler. Performing a manipulation of the argument assignmentitemid results in authorization...

7.5CVSS0.00309EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 5 days ago6 views

CVE-2026-14752

A security vulnerability has been detected in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. This affects the function adddefinition of the file application/PHP/objects/notes/addintodictionary.php. Such manipulation of the argument reference leads to cross site scripting. It ...

5.1CVSS4.2AI score0.00203EPSS
Exploits0References6
CVE
CVE
added 5 days ago8 views

CVE-2026-14750

The CVE-2026-14750 entry concerns mjperpinosa stumasy with a SQL injection in the function Notes_controller::accessing_dictionary_authorization (file application/PHP/objects/notes/accessing_dictionary_authorization.php). Manipulating the Password argument enables a remote attacker to leverage SQL...

7.5CVSS6.8AI score0.00269EPSS
Exploits0References6
Cvelist
Cvelist
added 5 days ago34 views

CVE-2026-14749 mjperpinosa stumasy calculate.php eval code injection

A vulnerability was identified in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. Impacted is the function eval of the file application/pages/imbacalculator/calculate.php. The manipulation of the argument mathematicalsentence leads to code injection. The attack is possible to ...

7.5CVSS0.00322EPSS
Exploits0References6
CVE
CVE
added 5 days ago11 views

CVE-2026-14749

The CVE-2026-14749 entry concerns mjperpinosa stumasy up to commit 327d1b0f2915ba79d7ef8ebb74553e987609d9be. Vulnerability: the eval call in file application/pages/imba_calculator/calculate.php is affected; manipulating the argument mathematical_sentence enables code injection. Impact is remote, ...

7.5CVSS6.8AI score0.00322EPSS
Exploits0References6
NVD
NVD
added 2026/06/04 2:16 p.m.14 views

CVE-2026-10807

A vulnerability was determined in mjperpinosa stumasy. The impacted element is an unknown function of the file application/PHP/objects/profiles/changeprofileimage.php. Executing a manipulation of the argument prprofileimage can lead to unrestricted upload. The attack may be launched remotely. The...

6.5CVSS0.00209EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/04 12:30 p.m.9 views

CVE-2026-10807 mjperpinosa stumasy change_profile_image.php unrestricted upload

A vulnerability was determined in mjperpinosa stumasy. The impacted element is an unknown function of the file application/PHP/objects/profiles/changeprofileimage.php. Executing a manipulation of the argument prprofileimage can lead to unrestricted upload. The attack may be launched remotely. The...

6.5CVSS5.6AI score0.00209EPSS
Exploits0References6
CVE
CVE
added 2026/06/04 12:30 p.m.16 views

CVE-2026-10807

The CVE-2026-10807 entry concerns mjperpinosa stumasy, affecting the unknown function in application/PHP/objects/profiles/change_profile_image.php. The issue allows an attacker to manipulate the pr_profile_image argument to achieve unrestricted upload, with remote exploitation. Public exploit dis...

6.5CVSS6.4AI score0.00209EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/04 12:15 p.m.9 views

CVE-2026-10806 mjperpinosa stumasy add_post.php unrestricted upload

A vulnerability was found in mjperpinosa stumasy. The affected element is an unknown function of the file application/PHP/objects/updates/addpost.php. Performing a manipulation of the argument upfiletopost results in unrestricted upload. The attack may be initiated remotely. The exploit has been...

6.5CVSS5.5AI score0.00209EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/04 12:15 p.m.7 views

CVE-2026-10806

A vulnerability was found in mjperpinosa stumasy. The affected element is an unknown function of the file application/PHP/objects/updates/addpost.php. Performing a manipulation of the argument upfiletopost results in unrestricted upload. The attack may be initiated remotely. The exploit has been...

6.5CVSS6.3AI score0.00209EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/04 12:15 p.m.10 views

EUVD-2026-34252

A vulnerability was found in mjperpinosa stumasy. The affected element is an unknown function of the file application/PHP/objects/updates/addpost.php. Performing a manipulation of the argument upfiletopost results in unrestricted upload. The attack may be initiated remotely. The exploit has been...

6.5CVSS5.5AI score0.00209EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/04 12:15 p.m.41 views

CVE-2026-10806 mjperpinosa stumasy add_post.php unrestricted upload

A vulnerability was found in mjperpinosa stumasy. The affected element is an unknown function of the file application/PHP/objects/updates/addpost.php. Performing a manipulation of the argument upfiletopost results in unrestricted upload. The attack may be initiated remotely. The exploit has been...

6.5CVSS0.00209EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.16 views

PT-2026-46220

A vulnerability was determined in mjperpinosa stumasy. The impacted element is an unknown function of the file application/PHP/objects/profiles/change profile image.php. Executing a manipulation of the argument pr profile image can lead to unrestricted upload. The attack may be launched remotely...

6.5CVSS6.4AI score0.00209EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.6 views

stumasy 代码问题漏洞

Stumasy is a student performance management and analysis system developed by Marejean Chernyak. Stumasy has code vulnerabilities; these vulnerabilities arise from an unknown function in the application/PHP/objects/updates/addpost.php file, which allows unlimited uploads due to improper handling o...

6.5CVSS6.5AI score0.00209EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

stumasy 代码问题漏洞

Stumasy is a student performance management and analysis system developed by Marejean Chernyak. Stumasy has code vulnerabilities; these vulnerabilities arise from the operation of an unknown function in the application/PHP/objects/profiles/changeprofileimage.php file, which leads to unlimited...

6.5CVSS6.5AI score0.00209EPSS
Exploits0References6
Rows per page
Query Builder