CVE-2026-24668

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a broken access control vulnerability allows authenticated students to add content to existing course units, an action normally restricted to higher-privileged roles. This issue h...

CVE-2026-24668 Open eClass Broken Access Control Allows Students to Add Content to Course Units

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a broken access control vulnerability allows authenticated students to add content to existing course units, an action normally restricted to higher-privileged roles. This issue h...

EUVD-2015-7779

Malware in sbrugna...

libnbd security update

1.18.1-4.0.1 - Add new content to nbdconnecturi.pod 1.18.1-4 - Fix CVE-2024-7383 NBD server improper certificate validation resolves: RHEL-52730...

CVE-2020-21881

Cross Site Request Forgery CSRF vulnerability in admin.php in DuxCMS 2.1 allows remote attackers to modtify application data via article/admin/content/add...

SPIP code injection vulnerability (CNVD-2016-01731)

SPIP is a free Web-based content publishing system. The system is primarily used for online collaboration. A code injection vulnerability exists in SPIP. An attacker can exploit this vulnerability to inject arbitrary PHP code by performing an add content operation...

Debian DSA-2567-1 : request-tracker3.8 - several vulnerabilities

Several vulnerabilities were discovered in Request Tracker RT, an issue tracking system. - CVE-2012-4730 Authenticated users can add arbitrary headers or content to mail generated by RT. - CVE-2012-4732 A CSRF vulnerability may allow attackers to toggle ticket bookmarks. - CVE-2012-4734 If users...

CVE-2008-0701

ActivationHandler in Magnolia CE 3.5.x before 3.5.4 does not check permissions during importing, which allows remote attackers to have an unknown impact via activation of a new item, possibly involving addition of arbitrary new content...