Lucene search
K

951 matches found

CNVD
CNVD
added 2020/02/14 12:0 a.m.2 views

Wordpress plugin tutor cross-site scripting vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the Wordpress plugin tutor. An attacker can exploit this vulnerability to...

6.3AI score
Exploits0References1
Exploit DB
Exploit DB
added 2020/02/13 12:0 a.m.212 views

WordPress Plugin Tutor.1.5.3 - Local File Inclusion

Tile: Wordpress Plugin tutor.1.5.3 - Local File Inclusion Author: mehran feizi Category: webapps Date: 2020-02-12 vendor home page: https://wordpress.org/plugins/tutor/ =================================================================== Vulnerable page: /instructors.php...

7.4AI score
Exploits0
0day.today
0day.today
added 2020/02/12 12:0 a.m.65 views

WordPress Tutor 1.5.3 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications - Tile: Wordpress Plugin tutor.1.5.3 - Cross-Site Scripting - Author: mehran feizi - Category: webapps =================================================================== Vulnerable page: /Quiz.php...

7.1AI score
Exploits0
CNVD
CNVD
added 2020/02/11 12:0 a.m.4 views

WordPress Tutor LMS Cross-Site Request Forgery Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in the WordPress Tutor LMS. The vulnerability stems from the WEB applicatio...

6.5CVSS6.8AI score0.0883EPSS
Exploits6References1
NVD
NVD
added 2020/02/04 8:15 p.m.32 views

CVE-2020-8615

A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker approving themselves as an instructor and performing other malicious actions such as blocking legitimate instructors...

6.5CVSS6.5AI score0.0883EPSS
Exploits6References5
OSV
OSV
added 2020/02/04 8:15 p.m.18 views

CVE-2020-8615

A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker approving themselves as an instructor and performing other malicious actions such as blocking legitimate instructors...

6.5CVSS6.8AI score0.0883EPSS
Exploits6References5
Prion
Prion
added 2020/02/04 8:15 p.m.14 views

Cross site request forgery (csrf)

A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker approving themselves as an instructor and performing other malicious actions such as blocking legitimate instructors...

2.6CVSS6.5AI score0.0883EPSS
Exploits6References5Affected Software1
CVE
CVE
added 2020/02/04 7:1 p.m.149 views

CVE-2020-8615

CVE-2020-8615 is a CSRF vulnerability in the WordPress Tutor LMS plugin up to version 1.5.3 (fixed in 1.5.3). The issue allows an attacker to approve themselves as an instructor and perform other actions (e.g., blocking legitimate instructors). The root cause is CSRF in Tutor LMS’s instructor-man...

6.5CVSS6.4AI score0.0883EPSS
Exploits6References5Affected Software1
Cvelist
Cvelist
added 2020/02/04 7:1 p.m.32 views

CVE-2020-8615

A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker approving themselves as an instructor and performing other malicious actions such as blocking legitimate instructors...

6.5AI score0.0883EPSS
Exploits6References5
WPVulnDB
WPVulnDB
added 2020/02/04 12:0 a.m.19 views

Tutor LMS < 1.5.3 - Cross-Site Request Forgery (CSRF)

Tutor LMS WordPress plugin is vulnerable to Cross-Site Request Forgery CSRF attacks. PoC As the requests for the approval and blocking of instructors are sent using the GET method, the CSRF attack to approve an attacker-controlled instructor account can be performed by having the admin visit...

2.6CVSS0.5AI score0.0883EPSS
Exploits6References2Affected Software1
Patchstack
Patchstack
added 2020/02/04 12:0 a.m.10 views

WordPress Tutor LMS plugin <= 1.5.2 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability found by Jinson Varghese Behanan in WordPress Tutor LMS plugin versions = 1.5.2. Solution Update the WordPress Tutor LMS plugin to the latest available version at least 1.5.3...

3AI score
Exploits0References2Affected Software1
0day.today
0day.today
added 2017/08/11 12:0 a.m.15 views

De-Tutor 1.0 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: De-Tutor - Private Tutoring and Admission Processing 1.0 - SQL Injection Dork: N/A Date: 11.08.2017 Vendor Homepage : https://sarutech.com/ Software Link:...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2017/08/11 12:0 a.m.12 views

De-Tutor 1.0 - SQL Injection

De-Tutor 1.0 - SQL Injection Exploit Title: De-Tutor - Private Tutoring and Admission Processing 1.0 - SQL Injection Dork: N/A Date: 11.08.2017 Vendor Homepage : https://sarutech.com/ Software Link: https://codecanyon.net/item/detutor-private-tutoring-and-admission-processing/19053430 Demo:...

8.7AI score
Exploits0
Packet Storm
Packet Storm
added 2017/08/11 12:0 a.m.21 views

De-Tutor 1.0 SQL Injection

Exploit Title: De-Tutor - Private Tutoring and Admission Processing 1.0 - SQL Injection Dork: N/A Date: 11.08.2017 Vendor Homepage : https://sarutech.com/ Software Link: https://codecanyon.net/item/detutor-private-tutoring-and-admission-processing/19053430 Demo: https://demo.sarutech.com/detutor/...

7.4AI score
Exploits0
hackapp
hackapp
added 2017/04/17 8:16 p.m.22 views

Tutor - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Tutor published at the 'play' market has multiple vulnerabilities...

0.8AI score
Exploits0References1Affected Software1
exploitpack
exploitpack
added 2017/01/18 12:0 a.m.13 views

My Private Tutor Website Builder Script - SQL Injection

My Private Tutor Website Builder Script - SQL Injection Vulnerability: SQL Injection + Authentication Bypass Date: 18.01.2017 Vendor Homepage: http://www.scriptgiant.com/ Script Name: My Private Tutor Website Builder Script Script Buy Now:...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2017/01/13 12:0 a.m.22 views

My Private Tutor Website Script - Authentication Bypass

Vulnerability: Admin Login Bypass & SQLi Date: 13.01.2017 Vendor Homepage: http://scriptfirm.com/ Script Name: Professional Service Booking Script Script Buy Now: My Private Tutor Website Author: İhsan Şencan Author Web: http://ihsan.net Mail : ihsanbeygirihsannoktanet http://localhost/PATH/admin...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2016/10/27 12:0 a.m.7 views

GNU GTypist 2.9.5-2 - Local Buffer Overflow

GNU GTypist 2.9.5-2 - Local Buffer Overflow Exploit developed using Exploit Pack v6.5 Exploit Author: Juan Sacco - http://www.exploitpack.com - [email protected] Program affected: GNU Typist Affected value: ARG0 Version: 2.9.5-2 Tested and developed under: Kali Linux 2.0 x86 -...

7.4AI score
Exploits0
0day.today
0day.today
added 2016/10/27 12:0 a.m.28 views

GNU GTypist 2.9.5-2 - Local Buffer Overflow Exploit

Exploit for linux platform in category local exploits Exploit Author: Juan Sacco Program affected: GNU Typist Affected value: ARG0 Version: 2.9.5-2 Tested and developed under: Kali Linux 2.0 x86 - https://www.kali.org Program description: Simple ncurses touch typing tutor Displays exercise lines,...

7.2AI score
Exploits0
Packet Storm
Packet Storm
added 2016/10/27 12:0 a.m.36 views

GNU GTypist 2.9.5-2 Buffer Overflow

Exploit developed using Exploit Pack v6.5 Exploit Author: Juan Sacco - http://www.exploitpack.com - [email protected] Program affected: GNU Typist Affected value: ARG0 Version: 2.9.5-2 Tested and developed under: Kali Linux 2.0 x86 - https://www.kali.org Program description: Simple ncurses...

0.4AI score
Exploits0
Rows per page
Query Builder