26 matches found
CVE-2026-2997
Tronclass developed by WisdomGarden has a Insecure Direct Object Reference vulnerability. After obtaining a course ID, authenticated remote attackers to modify a specific parameter to obtain a course invitation code, thereby joining any course...
CVE-2026-2997
Tronclass developed by WisdomGarden has a Insecure Direct Object Reference vulnerability. After obtaining a course ID, authenticated remote attackers to modify a specific parameter to obtain a course invitation code, thereby joining any course...
CVE-2026-2997 WisdomGarden|Tronclass - Insecure Direct Object Reference
Tronclass developed by WisdomGarden has a Insecure Direct Object Reference vulnerability. After obtaining a course ID, authenticated remote attackers to modify a specific parameter to obtain a course invitation code, thereby joining any course...
CVE-2026-2997 WisdomGarden|Tronclass - Insecure Direct Object Reference
Tronclass developed by WisdomGarden has a Insecure Direct Object Reference vulnerability. After obtaining a course ID, authenticated remote attackers to modify a specific parameter to obtain a course invitation code, thereby joining any course...
CVE-2026-2997
Tronclass developed by WisdomGarden has a Insecure Direct Object Reference vulnerability. After obtaining a course ID, authenticated remote attackers to modify a specific parameter to obtain a course invitation code, thereby joining any course...
CVE-2026-2997
CVE-2026-2997 : WisdomGarden’s Tronclass contains an insecure direct object reference. An authenticated remote attacker who learns a course ID can modify a parameter to obtain a course invitation code and join any course. Public exploitation details are not provided in the connected documents; re...
PT-2026-21493
Tronclass developed by WisdomGarden has a Insecure Direct Object Reference vulnerability. After obtaining a course ID, authenticated remote attackers to modify a specific parameter to obtain a course invitation code, thereby joining any course...
WisdomGarden Tronclass 安全漏洞
WisdomGarden Tronclass is an interactive teaching management platform developed by WisdomGarden Corporation. There is a security vulnerability in WisdomGarden Tronclass, which stems from insecure direct object references. This vulnerability could allow authenticated remote attackers to access any...
CVE-2025-10719
Tronclass developed by WisdomGarden has an Insecure Direct object Reference vulnerability, allowing remote attackers with regular privilege to modify a specific parameter to access other users' files...
CVE-2025-10719 WisdomGarden|Tronclass - Insecure Direct Object Reference
Tronclass developed by WisdomGarden has an Insecure Direct object Reference vulnerability, allowing remote attackers with regular privilege to modify a specific parameter to access other users' files...
CVE-2025-10719 WisdomGarden|Tronclass - Insecure Direct Object Reference
Tronclass developed by WisdomGarden has an Insecure Direct object Reference vulnerability, allowing remote attackers with regular privilege to modify a specific parameter to access other users' files...
CVE-2025-10719
CVE-2025-10719 concerns WisdomGarden’s Tronclass LMS, where an Insecure Direct Object Reference flaw lets remote attackers with regular privileges manipulate a parameter to access other users’ files. Root cause appears to be improper authorization on object references. Public summaries in NVD/Red...
WisdomGarden Tronclass 安全漏洞
WisdomGarden Tronclass is an interactive instructional management platform from China WisdomGarden, Inc. A security vulnerability exists in WisdomGarden Tronclass that stems from an insecure direct object reference, which could lead to a remote attacker accessing other user files by modifying...
CVE-2024-6738
The tumbnail API of Tronclass from WisdomGarden lacks proper access control, allowing unauthenticated remote attackers to obtain certain specific files by modifying the URL...
CVE-2024-6738
The tumbnail API of Tronclass from WisdomGarden lacks proper access control, allowing unauthenticated remote attackers to obtain certain specific files by modifying the URL...
CVE-2024-6738 WisdomGarden Tronclass - Broken Access Control
The tumbnail API of Tronclass from WisdomGarden lacks proper access control, allowing unauthenticated remote attackers to obtain certain specific files by modifying the URL...
CVE-2024-6738 WisdomGarden Tronclass - Broken Access Control
The tumbnail API of Tronclass from WisdomGarden lacks proper access control, allowing unauthenticated remote attackers to obtain certain specific files by modifying the URL...
WisdomGarden Tronclass ilearn Access Control Error Vulnerability
WisdomGarden Tronclass ilearn is a teaching platform from China WisdomGarden, Inc. An access control error vulnerability exists in WisdomGarden Tronclass ilearn versions prior to 1.69.61976, which stems from a lack of proper access control in the Thumbnail API, allowing an unauthenticated, remote...
CVE-2023-41356 WisdomGarden Tronclass ilearn - Path Traversal
NCSIST ManageEngine Mobile Device ManagerMDM APP's special function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and read arbitrary system files...
CVE-2023-41356 WisdomGarden Tronclass ilearn - Path Traversal
NCSIST ManageEngine Mobile Device ManagerMDM APP's special function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and read arbitrary system files...