CVE-2026-4285

A vulnerability was identified in taoofagi easegen-admin up to 8f87936ac774065b92fb20aab55b274a6ea76433. Impacted is the function recognizeMarkdown of the file yudao-module-digitalcourse/yudao-module-digitalcourse-biz/src/main/java/cn/iocoder/yudao/module/digitalcourse/util/Pdf2MdUtil.java. Such...

CVE-2026-4285

A vulnerability was identified in taoofagi easegen-admin up to 8f87936ac774065b92fb20aab55b274a6ea76433. Impacted is the function recognizeMarkdown of the file yudao-module-digitalcourse/yudao-module-digitalcourse-biz/src/main/java/cn/iocoder/yudao/module/digitalcourse/util/Pdf2MdUtil.java. Such...

CVE-2026-4285

CVE-2026-4285 affects taoofagi easegen-admin up to 8f87936ac774065b92fb20aab55b274a6ea76433. The vulnerable component is the function recognizeMarkdown in Pdf2MdUtil.java (yudao-module-digitalcourse-biz). The root cause is manipulation of the fileUrl argument, leading to a path traversal vulnerab...

EUVD-2015-3389

Malware in sbrugna...

EUVD-2022-4118

Malicious code in bioql PyPI...

EUVD-2025-20186

Malicious code in bioql PyPI...

CVE-2025-9839 itsourcecode Student Information Management System index.php sql injection

A security flaw has been discovered in itsourcecode Student Information Management System 1.0. The affected element is an unknown function of the file /admin/modules/course/index.php. Performing manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possibl...

PT-2025-35640

Name of the Vulnerable Software and Affected Versions: itsourcecode Student Information Management System version 1.0 Description: A security flaw exists in itsourcecode Student Information Management System 1.0. Manipulation of the ID argument in the file /admin/modules/course/index.php can lead...

PT-2025-30096 · Unknown · Student-Manage

Name of the Vulnerable Software and Affected Versions: StudentManage version 1.0 Description: The software contains a cross-site scripting XSS vulnerability within the Add A New Course module. Recommendations: Address the issue in the Add A New Course module for StudentManage version 1.0...

CVE-2025-50582

Affected software: StudentManage v1.0.Vulnerability: Cross-site scripting (XSS) via the Add A New Course module in the StudentManage application.Root cause: The provided documents indicate an XSS flaw in the Add A New Course module but do not detail the exact code path or input handling mechanism...

StudentManage 安全漏洞

StudentManage is a student management system by DayCloud Individual Developer in China. A security vulnerability exists in StudentManage version 1.0, which stems from the mishandling of the Add A New Course module and may lead to cross-site scripting attacks...

CVE-2025-7111

A vulnerability has been found in Portabilis i-Educar 2.9.0 and classified as problematic. This vulnerability affects unknown code of the file /intranet/educarcursodet.php?codcurso=ID of the component Course Module. The manipulation of the argument Curso leads to cross site scripting. The attack...

CVE-2025-7111 Portabilis i-Educar Course Module educar_curso_det.php cross site scripting

A vulnerability has been found in Portabilis i-Educar 2.9.0 and classified as problematic. This vulnerability affects unknown code of the file /intranet/educarcursodet.php?codcurso=ID of the component Course Module. The manipulation of the argument Curso leads to cross site scripting. The attack...

CVE-2025-7111 Portabilis i-Educar Course Module educar_curso_det.php cross site scripting

A vulnerability has been found in Portabilis i-Educar 2.9.0 and classified as problematic. This vulnerability affects unknown code of the file /intranet/educarcursodet.php?codcurso=ID of the component Course Module. The manipulation of the argument Curso leads to cross site scripting. The attack...

CVE-2025-7111

Portabilis i-Educar 2.9.0 is affected in the Course Module, specifically file /intranet/educar_curso_det.php?cod_curso=ID. The vulnerability arises from unsafely handling the Curso parameter, enabling cross-site scripting (XSS). Attacks are possible remotely, and public exploits have been disclos...

PT-2025-28125 · Portabilis · Portabilis I-Educar

Name of the Vulnerable Software and Affected Versions: Portabilis i-Educar version 2.9.0 Description: A vulnerability has been found in the component Course Module, affecting the file /intranet/educar curso det.php?cod curso=ID. The manipulation of the Curso argument leads to cross-site scripting...

Moodle does not properly validate module instance id

Moodle before 1.6.2 does not properly validate the module instance id when creating a course module object, which has unspecified impact and remote attack vectors...

GHSA-H9W8-4376-J344 Moodle does not properly validate module instance id

Moodle before 1.6.2 does not properly validate the module instance id when creating a course module object, which has unspecified impact and remote attack vectors...

CVE-2021-25029

The CLUEVO LMS, E-Learning Platform WordPress plugin before 1.8.1 does not sanitise and escape Course's module, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

Wordpress Plugin CLUEVO LMS, E-Learning Platform 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists i...