31 matches found
PT-2024-37834 · Tronclass · Tronclass
Name of the Vulnerable Software and Affected Versions: Tronclass affected versions not specified Description: The issue concerns a lack of proper access control in the thumbnail API of Tronclass, allowing unauthenticated remote attackers to obtain specific files by modifying the URL...
WisdomGarden Tronclass ilearn Access Control Error Vulnerability
WisdomGarden Tronclass ilearn is a teaching platform from China WisdomGarden, Inc. An access control error vulnerability exists in WisdomGarden Tronclass ilearn versions prior to 1.69.61976, which stems from a lack of proper access control in the Thumbnail API, allowing an unauthenticated, remote...
CVE-2023-41356 WisdomGarden Tronclass ilearn - Path Traversal
NCSIST ManageEngine Mobile Device ManagerMDM APP's special function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and read arbitrary system files...
CVE-2023-41356 WisdomGarden Tronclass ilearn - Path Traversal
NCSIST ManageEngine Mobile Device ManagerMDM APP's special function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and read arbitrary system files...
WisdomGarden Tronclass ilearn Security Breach
WisdomGarden Tronclass ilearn is a teaching platform from WisdomGarden. A security vulnerability exists in WisdomGarden Tronclass ilearn. The vulnerability stems from the uploading of files without proper privilege control, which allows a remote attacker to log in with general privileges, change...
CVE-2023-24834
WisdomGarden Tronclass has improper access control when uploading file. An authenticated remote attacker with general user privilege can exploit this vulnerability to access files belonging to other users by modifying the file ID within URL...
PT-2023-19814 · Unknown · Wisdomgarden Tronclass
Name of the Vulnerable Software and Affected Versions: WisdomGarden Tronclass affected versions not specified Description: The issue is related to improper access control when uploading files. An authenticated remote attacker with general user privileges can exploit this to access files belonging...
CVE-2023-24834
CVE-2023-24834 affects WisdomGarden Tronclass ilearn (app version 2.3.2 and web versions prior to 1.52.29198 per CNNVD). The issue is improper access control in the file upload flow: an authenticated user with general privileges can modify the file ID in the URL to access other users’ files. Conn...
WisdomGarden Tronclass 代码问题漏洞
WisdomGarden Tronclass ilearn is a teaching platform from China WisdomGarden, Inc. A security vulnerability exists in WisdomGarden Tronclass that stems from improper access control when uploading files. Affected products and versions: Tronclass ilearn app version 2.3.2 and Tronclass ilearn web...
CVE-2023-24834 WisdomGarden Tronclass ilearn - Broken Access Control
WisdomGarden Tronclass has improper access control when uploading file. An authenticated remote attacker with general user privilege can exploit this vulnerability to access files belonging to other users by modifying the file ID within URL...
Logic Flaw Vulnerability in TronClass Platform
TronClass is a professional online education and learning platform. A logic flaw vulnerability exists in the TronClass platform, which can be exploited by attackers to obtain sensitive information...