16 matches found
CVE-2026-14753
The CVE-2026-14753 entry concerns the mjperpinosa stumasy project (Note Handler/Assignment Handler) with a vulnerability in the /PHP/objects/notes component. The root cause is a manipulation of the argument assignment_item_id that results in an authorization bypass. The flaw can be triggered remo...
CVE-2026-14753 mjperpinosa stumasy Note Handler/Assignment notes authorization
A vulnerability was detected in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. This impacts an unknown function of the file /PHP/objects/notes of the component Note Handler/Assignment Handler. Performing a manipulation of the argument assignmentitemid results in authorization...
CVE-2026-14752
A security vulnerability has been detected in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. This affects the function adddefinition of the file application/PHP/objects/notes/addintodictionary.php. Such manipulation of the argument reference leads to cross site scripting. It ...
CVE-2026-14750
The CVE-2026-14750 entry concerns mjperpinosa stumasy with a SQL injection in the function Notes_controller::accessing_dictionary_authorization (file application/PHP/objects/notes/accessing_dictionary_authorization.php). Manipulating the Password argument enables a remote attacker to leverage SQL...
CVE-2026-14749 mjperpinosa stumasy calculate.php eval code injection
A vulnerability was identified in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. Impacted is the function eval of the file application/pages/imbacalculator/calculate.php. The manipulation of the argument mathematicalsentence leads to code injection. The attack is possible to ...
CVE-2026-14749
The CVE-2026-14749 entry concerns mjperpinosa stumasy up to commit 327d1b0f2915ba79d7ef8ebb74553e987609d9be. Vulnerability: the eval call in file application/pages/imba_calculator/calculate.php is affected; manipulating the argument mathematical_sentence enables code injection. Impact is remote, ...
CVE-2026-10807
A vulnerability was determined in mjperpinosa stumasy. The impacted element is an unknown function of the file application/PHP/objects/profiles/changeprofileimage.php. Executing a manipulation of the argument prprofileimage can lead to unrestricted upload. The attack may be launched remotely. The...
CVE-2026-10807 mjperpinosa stumasy change_profile_image.php unrestricted upload
A vulnerability was determined in mjperpinosa stumasy. The impacted element is an unknown function of the file application/PHP/objects/profiles/changeprofileimage.php. Executing a manipulation of the argument prprofileimage can lead to unrestricted upload. The attack may be launched remotely. The...
CVE-2026-10807
The CVE-2026-10807 entry concerns mjperpinosa stumasy, affecting the unknown function in application/PHP/objects/profiles/change_profile_image.php. The issue allows an attacker to manipulate the pr_profile_image argument to achieve unrestricted upload, with remote exploitation. Public exploit dis...
CVE-2026-10806 mjperpinosa stumasy add_post.php unrestricted upload
A vulnerability was found in mjperpinosa stumasy. The affected element is an unknown function of the file application/PHP/objects/updates/addpost.php. Performing a manipulation of the argument upfiletopost results in unrestricted upload. The attack may be initiated remotely. The exploit has been...
CVE-2026-10806
A vulnerability was found in mjperpinosa stumasy. The affected element is an unknown function of the file application/PHP/objects/updates/addpost.php. Performing a manipulation of the argument upfiletopost results in unrestricted upload. The attack may be initiated remotely. The exploit has been...
EUVD-2026-34252
A vulnerability was found in mjperpinosa stumasy. The affected element is an unknown function of the file application/PHP/objects/updates/addpost.php. Performing a manipulation of the argument upfiletopost results in unrestricted upload. The attack may be initiated remotely. The exploit has been...
CVE-2026-10806 mjperpinosa stumasy add_post.php unrestricted upload
A vulnerability was found in mjperpinosa stumasy. The affected element is an unknown function of the file application/PHP/objects/updates/addpost.php. Performing a manipulation of the argument upfiletopost results in unrestricted upload. The attack may be initiated remotely. The exploit has been...
PT-2026-46220
A vulnerability was determined in mjperpinosa stumasy. The impacted element is an unknown function of the file application/PHP/objects/profiles/change profile image.php. Executing a manipulation of the argument pr profile image can lead to unrestricted upload. The attack may be launched remotely...
stumasy 代码问题漏洞
Stumasy is a student performance management and analysis system developed by Marejean Chernyak. Stumasy has code vulnerabilities; these vulnerabilities arise from an unknown function in the application/PHP/objects/updates/addpost.php file, which allows unlimited uploads due to improper handling o...
stumasy 代码问题漏洞
Stumasy is a student performance management and analysis system developed by Marejean Chernyak. Stumasy has code vulnerabilities; these vulnerabilities arise from the operation of an unknown function in the application/PHP/objects/profiles/changeprofileimage.php file, which leads to unlimited...