31 matches found
CVE-2026-2997
Tronclass developed by WisdomGarden has a Insecure Direct Object Reference vulnerability. After obtaining a course ID, authenticated remote attackers to modify a specific parameter to obtain a course invitation code, thereby joining any course...
CVE-2026-2997
Tronclass developed by WisdomGarden has a Insecure Direct Object Reference vulnerability. After obtaining a course ID, authenticated remote attackers to modify a specific parameter to obtain a course invitation code, thereby joining any course...
CVE-2026-2997 WisdomGarden|Tronclass - Insecure Direct Object Reference
Tronclass developed by WisdomGarden has a Insecure Direct Object Reference vulnerability. After obtaining a course ID, authenticated remote attackers to modify a specific parameter to obtain a course invitation code, thereby joining any course...
CVE-2026-2997 WisdomGarden|Tronclass - Insecure Direct Object Reference
Tronclass developed by WisdomGarden has a Insecure Direct Object Reference vulnerability. After obtaining a course ID, authenticated remote attackers to modify a specific parameter to obtain a course invitation code, thereby joining any course...
CVE-2026-2997
Tronclass developed by WisdomGarden has a Insecure Direct Object Reference vulnerability. After obtaining a course ID, authenticated remote attackers to modify a specific parameter to obtain a course invitation code, thereby joining any course...
CVE-2026-2997
CVE-2026-2997 : WisdomGarden’s Tronclass contains an insecure direct object reference. An authenticated remote attacker who learns a course ID can modify a parameter to obtain a course invitation code and join any course. Public exploitation details are not provided in the connected documents; re...
PT-2026-21493
Tronclass developed by WisdomGarden has a Insecure Direct Object Reference vulnerability. After obtaining a course ID, authenticated remote attackers to modify a specific parameter to obtain a course invitation code, thereby joining any course...
WisdomGarden Tronclass 安全漏洞
WisdomGarden Tronclass is an interactive teaching management platform developed by WisdomGarden Corporation. There is a security vulnerability in WisdomGarden Tronclass, which stems from insecure direct object references. This vulnerability could allow authenticated remote attackers to access any...
EUVD-2024-47775
Malicious code in bioql PyPI...
CVE-2025-10719
Tronclass developed by WisdomGarden has an Insecure Direct object Reference vulnerability, allowing remote attackers with regular privilege to modify a specific parameter to access other users' files...
CVE-2025-10719
Tronclass developed by WisdomGarden has an Insecure Direct object Reference vulnerability, allowing remote attackers with regular privilege to modify a specific parameter to access other users' files...
CVE-2025-10719 WisdomGarden|Tronclass - Insecure Direct Object Reference
Tronclass developed by WisdomGarden has an Insecure Direct object Reference vulnerability, allowing remote attackers with regular privilege to modify a specific parameter to access other users' files...
CVE-2025-10719 WisdomGarden|Tronclass - Insecure Direct Object Reference
Tronclass developed by WisdomGarden has an Insecure Direct object Reference vulnerability, allowing remote attackers with regular privilege to modify a specific parameter to access other users' files...
CVE-2025-10719
CVE-2025-10719 concerns WisdomGarden’s Tronclass LMS, where an Insecure Direct Object Reference flaw lets remote attackers with regular privileges manipulate a parameter to access other users’ files. Root cause appears to be improper authorization on object references. Public summaries in NVD/Red...
WisdomGarden Tronclass 安全漏洞
WisdomGarden Tronclass is an interactive instructional management platform from China WisdomGarden, Inc. A security vulnerability exists in WisdomGarden Tronclass that stems from an insecure direct object reference, which could lead to a remote attacker accessing other user files by modifying...
CVE-2024-6738
The tumbnail API of Tronclass from WisdomGarden lacks proper access control, allowing unauthenticated remote attackers to obtain certain specific files by modifying the URL...
CVE-2024-6738
The tumbnail API of Tronclass from WisdomGarden lacks proper access control, allowing unauthenticated remote attackers to obtain certain specific files by modifying the URL...
CVE-2024-6738 WisdomGarden Tronclass - Broken Access Control
The tumbnail API of Tronclass from WisdomGarden lacks proper access control, allowing unauthenticated remote attackers to obtain certain specific files by modifying the URL...
CVE-2024-6738 WisdomGarden Tronclass - Broken Access Control
The tumbnail API of Tronclass from WisdomGarden lacks proper access control, allowing unauthenticated remote attackers to obtain certain specific files by modifying the URL...
CVE-2024-6738
CVE-2024-6738 concerns WisdomGarden’s Tronclass: the thumbnail API lacks access control, allowing unauthenticated remote attackers to obtain certain files by modifying the URL. The initial NVD entry provides a medium severity estimate (CVSSv3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) with a network...