Lucene search
K

31 matches found

Positive Technologies
Positive Technologies
added 2024/07/15 12:0 a.m.5 views

PT-2024-37834 · Tronclass · Tronclass

Name of the Vulnerable Software and Affected Versions: Tronclass affected versions not specified Description: The issue concerns a lack of proper access control in the thumbnail API of Tronclass, allowing unauthenticated remote attackers to obtain specific files by modifying the URL...

5.3CVSS7.1AI score0.00456EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/07/15 12:0 a.m.5 views

WisdomGarden Tronclass ilearn Access Control Error Vulnerability

WisdomGarden Tronclass ilearn is a teaching platform from China WisdomGarden, Inc. An access control error vulnerability exists in WisdomGarden Tronclass ilearn versions prior to 1.69.61976, which stems from a lack of proper access control in the Thumbnail API, allowing an unauthenticated, remote...

5.3CVSS6.9AI score0.00456EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/11/03 6:18 a.m.29 views

CVE-2023-41356 WisdomGarden Tronclass ilearn - Path Traversal

NCSIST ManageEngine Mobile Device ManagerMDM APP's special function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and read arbitrary system files...

6.5CVSS6.9AI score0.00855EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/11/03 6:18 a.m.10 views

CVE-2023-41356 WisdomGarden Tronclass ilearn - Path Traversal

NCSIST ManageEngine Mobile Device ManagerMDM APP's special function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and read arbitrary system files...

6.5CVSS6.7AI score0.00855EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/11/03 12:0 a.m.5 views

WisdomGarden Tronclass ilearn Security Breach

WisdomGarden Tronclass ilearn is a teaching platform from WisdomGarden. A security vulnerability exists in WisdomGarden Tronclass ilearn. The vulnerability stems from the uploading of files without proper privilege control, which allows a remote attacker to log in with general privileges, change...

6.5CVSS6.8AI score0.00855EPSS
Exploits0References2
NVD
NVD
added 2023/03/27 4:15 a.m.13 views

CVE-2023-24834

WisdomGarden Tronclass has improper access control when uploading file. An authenticated remote attacker with general user privilege can exploit this vulnerability to access files belonging to other users by modifying the file ID within URL...

6.5CVSS6.4AI score0.0064EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/03/27 12:0 a.m.5 views

PT-2023-19814 · Unknown · Wisdomgarden Tronclass

Name of the Vulnerable Software and Affected Versions: WisdomGarden Tronclass affected versions not specified Description: The issue is related to improper access control when uploading files. An authenticated remote attacker with general user privileges can exploit this to access files belonging...

6.5CVSS6.3AI score0.0064EPSS
Exploits0References2
CVE
CVE
added 2023/03/27 12:0 a.m.61 views

CVE-2023-24834

CVE-2023-24834 affects WisdomGarden Tronclass ilearn (app version 2.3.2 and web versions prior to 1.52.29198 per CNNVD). The issue is improper access control in the file upload flow: an authenticated user with general privileges can modify the file ID in the URL to access other users’ files. Conn...

6.5CVSS6.4AI score0.0064EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/03/27 12:0 a.m.5 views

WisdomGarden Tronclass 代码问题漏洞

WisdomGarden Tronclass ilearn is a teaching platform from China WisdomGarden, Inc. A security vulnerability exists in WisdomGarden Tronclass that stems from improper access control when uploading files. Affected products and versions: Tronclass ilearn app version 2.3.2 and Tronclass ilearn web...

6.5CVSS6.5AI score0.0064EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/03/27 12:0 a.m.8 views

CVE-2023-24834 WisdomGarden Tronclass ilearn - Broken Access Control

WisdomGarden Tronclass has improper access control when uploading file. An authenticated remote attacker with general user privilege can exploit this vulnerability to access files belonging to other users by modifying the file ID within URL...

6.5CVSS6.4AI score0.0064EPSS
Exploits0References1
CNVD
CNVD
added 2020/11/02 12:0 a.m.1 views

Logic Flaw Vulnerability in TronClass Platform

TronClass is a professional online education and learning platform. A logic flaw vulnerability exists in the TronClass platform, which can be exploited by attackers to obtain sensitive information...

6.7AI score
Exploits0
Rows per page
Query Builder