CVE-2022-31910

Online Tutor Portal Site v1.0 is vulnerable to Cross Site Scripting XSS. via /otps/classes/Master.php...

CVE-2022-31910

Online Tutor Portal Site v1.0 is vulnerable to Cross Site Scripting XSS. via /otps/classes/Master.php...

CVE-2022-31910

Online Tutor Portal Site v1.0 is vulnerable to Cross Site Scripting XSS. via /otps/classes/Master.php...

CVE-2022-31912

Online Tutor Portal Site v1.0 is vulnerable to SQL Injection via /otps/classes/Master.php?f=deleteteam...

Cross site scripting

Online Tutor Portal Site v1.0 is vulnerable to Cross Site Scripting XSS. via /otps/classes/Master.php...

Sql injection

Online Tutor Portal Site v1.0 is vulnerable to SQL Injection via /otps/classes/Master.php?f=deleteteam...

CVE-2022-31912

Online Tutor Portal Site v1.0 is affected by SQL Injection in the /otps/classes/Master.php?f=delete_team path. The issue stems from missing SQL data filtering/escaping, enabling an attacker to potentially access or modify database data. Connected records (RH:CVE-2022-31912, NVD/CVE-2022-31912, CN...

CVE-2022-31912

Online Tutor Portal Site v1.0 is vulnerable to SQL Injection via /otps/classes/Master.php?f=deleteteam...

CVE-2022-31910

The CVE-2022-31910 entry concerns Online Tutor Portal Site v1.0 with a Cross-Site Scripting (XSS) vulnerability exploitable via /otps/classes/Master.php. The issue arises from lack of filtering/escaping of parameter data, enabling client-side JavaScript execution. Multiple connected sources (e.g....

CVE-2022-31910

Online Tutor Portal Site v1.0 is vulnerable to Cross Site Scripting XSS. via /otps/classes/Master.php...

Online Tutor Portal Site 跨站脚本漏洞

Online Tutor Portal Site is an online tutor portal. It is used to provide an online platform for individuals who are looking for and offering tutoring services. A cross-site scripting vulnerability exists in Online Tutor Portal Site version v1.0, which stems from a lack of filtering and escaping ...

Online Tutor Portal Site SQL注入漏洞

Sourcecodester Online Discussion Forum Site is an application of Sourcecodester. A SQL injection vulnerability exists in Online Tutor Portal Site v1.0, which originates from /otps/classes/Master.php?f=deleteteam missing SQL data filter escaping. An attacker could use this vulnerability to execute...

@tutor/jailed-sandbox (>=0.2.0 <=0.2.1), @tutor/markdown2html (>=0.1.2 <=0.2.3) +4 more potentially affected by CVE-2022-23923 via jailed (>=0.2.0 <=0.3.1)

jailed NPM version =0.2.0, =0.2.0, =0.1.2, =1.0.0, =0.0.1, =0.1.13, =2.0.0, =3.1.9 Source cves: CVE-2022-23923 Source advisory: OSV:GHSA-77M7-9WVW-87FX...

@tutor/jailed-sandbox (>=0.2.0 <=0.2.1), @tutor/markdown2html (>=0.1.2 <=0.2.3) +4 more potentially affected by CVE-2022-23923 via jailed (>=0.2.0 <=0.3.1)

jailed NPM version =0.2.0, =0.2.0, =0.1.2, =1.0.0, =0.0.1, =0.1.13, =2.0.0, =3.1.9 Source cves: CVE-2022-23923 Source advisory: SNYK:JS-JAILED-2391490...

WordPress Tutor LMS plugin cross-site scripting vulnerability (CNVD-2022-08152)

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the Tutor LMS plugin for WordPress, versions prior to 1.9.12,...

CVE-2021-25017

The Tutor LMS WordPress plugin before 1.9.12 does not escape the search parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting...

CVE-2021-25017

The Tutor LMS WordPress plugin before 1.9.12 does not escape the search parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting...

CVE-2021-25017 Tutor LMS < 1.9.12 - Reflected Cross-Site Scripting

The Tutor LMS WordPress plugin before 1.9.12 does not escape the search parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting...

CVE-2021-25017

The CVE-2021-25017 entry concerns the Tutor LMS WordPress plugin, specifically versions before 1.9.12, where the search parameter is not escaped before being echoed back into an admin-page attribute, causing a Reflected Cross-Site Scripting (XSS) vulnerability. The affected component is the admin...

WordPress plugin跨站脚本漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the Tutor LMS plugin for WordPress, versions prior to 1.9.12,...