16 matches found
EUVD-2025-32445
A vulnerability has been found in Frappe LMS 2.35.0. The affected element is an unknown function of the file /courses/ of the component Unpublished Course Handler. Such manipulation leads to improper access controls. The attack may be launched remotely. This attack is characterized by high...
EUVD-2025-32448
A vulnerability was determined in Frappe LMS 2.35.0. This affects an unknown function of the component Course Handler. Executing manipulation of the argument Description can lead to cross site scripting. The attack can be executed remotely. The exploit has been publicly disclosed and may be...
CVE-2025-11283
A vulnerability was determined in Frappe LMS 2.35.0. This affects an unknown function of the component Course Handler. Executing manipulation of the argument Description can lead to cross site scripting. The attack can be executed remotely. The exploit has been publicly disclosed and may be...
CVE-2025-11283
A vulnerability was determined in Frappe LMS 2.35.0. This affects an unknown function of the component Course Handler. Executing manipulation of the argument Description can lead to cross site scripting. The attack can be executed remotely. The exploit has been publicly disclosed and may be...
CVE-2025-11283
CVE-2025-11283 affects Frappe LMS 2.35.0, specifically the Course Handler component. The vulnerability arises from manipulation of the Description argument in Course Handler, enabling cross-site scripting (XSS) via a remote attack. Public disclosures exist detailing the exploit. The recommended r...
CVE-2025-11283 Frappe LMS Course cross site scripting
A vulnerability was determined in Frappe LMS 2.35.0. This affects an unknown function of the component Course Handler. Executing manipulation of the argument Description can lead to cross site scripting. The attack can be executed remotely. The exploit has been publicly disclosed and may be...
CVE-2025-11283 Frappe LMS Course cross site scripting
A vulnerability was determined in Frappe LMS 2.35.0. This affects an unknown function of the component Course Handler. Executing manipulation of the argument Description can lead to cross site scripting. The attack can be executed remotely. The exploit has been publicly disclosed and may be...
CVE-2025-11281
A vulnerability has been found in Frappe LMS 2.35.0. The affected element is an unknown function of the file /courses/ of the component Unpublished Course Handler. Such manipulation leads to improper access controls. The attack may be launched remotely. This attack is characterized by high...
CVE-2025-11281 Frappe LMS Unpublished Course courses access control
A vulnerability has been found in Frappe LMS 2.35.0. The affected element is an unknown function of the file /courses/ of the component Unpublished Course Handler. Such manipulation leads to improper access controls. The attack may be launched remotely. This attack is characterized by high...
CVE-2025-11281 Frappe LMS Unpublished Course courses access control
A vulnerability has been found in Frappe LMS 2.35.0. The affected element is an unknown function of the file /courses/ of the component Unpublished Course Handler. Such manipulation leads to improper access controls. The attack may be launched remotely. This attack is characterized by high...
Frappe Technologies Frappe 代码注入漏洞
Frappe Technologies Frappe is a Python, Mariadb-based web development framework with integrated front-end pages from Frappe Technologies, India. A code injection vulnerability exists in Frappe Technologies Frappe version 2.35.0, which stems from an incorrect manipulation of the parameter...
PT-2025-40794
Name of the Vulnerable Software and Affected Versions Frappe LMS version 2.35.0 Description A flaw exists in Frappe LMS that allows for cross site scripting. This issue is related to the Course Handler component and involves manipulation of the Description argument. The attack can be carried out...
PT-2025-40792
Name of the Vulnerable Software and Affected Versions Frappe LMS version 2.35.0 Description A flaw exists in Frappe LMS that allows for improper access controls. The issue is related to an unknown function within the /courses/ file of the Unpublished Course Handler component. The attack can be...
CVE-2023-6766
A vulnerability classified as problematic has been found in PHPGurukul Teacher Subject Allocation Management System 1.0. Affected is an unknown function of the file /admin/course.php of the component Delete Course Handler. The manipulation of the argument delid leads to cross-site request forgery...
Cross site request forgery (csrf)
A vulnerability classified as problematic has been found in PHPGurukul Teacher Subject Allocation Management System 1.0. Affected is an unknown function of the file /admin/course.php of the component Delete Course Handler. The manipulation of the argument delid leads to cross-site request forgery...
PT-2023-32767 · Unknown · Phpgurukul Teacher Subject Allocation Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Teacher Subject Allocation Management System version 1.0 Description: A problematic vulnerability has been found in the PHPGurukul Teacher Subject Allocation Management System. The issue affects an unknown function of the file...