Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

NVD
NVDadded 6 days ago7 views

CVE-2026-8502

The LearnPress – WordPress LMS Plugin for Create and Sell Online Courses plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.6 via the 'returntype' parameter. This makes it possible for unauthenticated attackers to extract sensitive data...

5.3CVSS0.00071EPSS
Exploits0References14
NVD
NVDadded 2026/05/26 7:16 p.m.12 views

CVE-2026-8890

code100x contains an authentication bypass vulnerability in the Mobile API that allows unauthenticated attackers to impersonate arbitrary users by supplying a crafted JSON payload in the 'g' HTTP header. The middleware in middleware.ts skips identity header generation when an Auth-Key header is...

8.8CVSS0.00096EPSS
Exploits0References5
EUVD
EUVDadded 2026/04/24 12:0 a.m.1 views

EUVD-2025-209575

A Broken Access Control vulnerability exists in ClassroomIO v0.1.13 where an authenticated low-privileged "student" user can access unauthorized course-level information by modifying intercepted API requests. Changing a captured POST request to a GET request against the /rest/v1/course PostgREST...

6.5CVSS5.2AI score0.00036EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/04/24 12:0 a.m.5 views

PT-2026-34882

A Broken Access Control vulnerability exists in ClassroomIO v0.1.13 where an authenticated low-privileged "student" user can access unauthorized course-level information by modifying intercepted API requests. Changing a captured POST request to a GET request against the /rest/v1/course PostgREST...

6.5CVSS5.2AI score0.00036EPSS
Exploits0References4
EUVD
EUVDadded 2026/03/16 3:30 p.m.0 views

EUVD-2026-12378

Insecure Direct Object Reference IDOR vulnerability in Campus Educativa specifically at the endpoint '/administracion/adminusuarios.cgi?filtroestado=T&wAccion=listadoxlsx&wBuscar=&wFiltrar=&wOrden=altausuario&widcursoActual=ID' where the data of users enrolled in the course is exported. Successfu...

8.7CVSS5.8AI score0.00099EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/03/16 12:0 a.m.2 views

PT-2026-25667

Insecure Direct Object Reference IDOR vulnerability in Campus Educativa specifically at the endpoint '/administracion/admin usuarios.cgi?filtro estado=T&wAccion=listado xlsx&wBuscar=&wFiltrar=&wOrden=alta usuario&wid cursoActual=ID' where the data of users enrolled in the course is exported...

8.7CVSS5.8AI score0.00099EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/05/21 12:0 a.m.2 views

Open edX Platform 安全漏洞

Open edX Platform is an open source course management system CMS from Open edX Open Source. The system can be used for MOOCs Massive Open Online Courses as well as smaller courses and training modules. A security vulnerability exists in versions prior to Open edX Platform 6740e75, which stems fro...

5.3CVSS6.6AI score0.00228EPSS
Exploits0References3
SUSE CVE
SUSE CVEadded 2023/02/15 5:19 a.m.1 views

SUSE CVE-2015-3180

lib/navigationlib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote authenticated users to obtain sensitive course-structure information by leveraging access to a student account with a suspended enrolment...

4CVSS7AI score0.00306EPSS
Exploits0References3
Rows per page
Query Builder