Lucene search
+L

2158 matches found

CVE
CVE
added 2026/04/17 3:36 a.m.29 views

CVE-2026-5502

The Tutor LMS WordPress plugin (versions up to 3.9.8) is affected by an authorization flaw in tutor_update_course_content_order that allows authenticated subscribers (and higher) to manipulate course content without proper permission checks. The code only validates CSRF via nonce and only runs ca...

5.3CVSS5.7AI score0.00465EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/04/17 3:36 a.m.34 views

CVE-2026-5502 Tutor LMS <= 3.9.8 - Authenticated (Subscriber+) Arbitrary Course Content Manipulation via tutor_update_course_content_order

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized course content manipulation in versions up to and including 3.9.8. This is due to a missing authorization check in the tutorupdatecoursecontentorder function. The function only validates the...

5.3CVSS0.00465EPSS
Exploits0References6
Patchstack
Patchstack
added 2026/04/17 2:4 a.m.9 views

WordPress Tutor LMS plugin <= 3.9.8 - Authenticated (Subscriber+) Arbitrary Course Content Manipulation via tutor_update_course_content_order vulnerability

Authenticated Subscriber+ Arbitrary Course Content Manipulation via tutorupdatecoursecontentorder vulnerability discovered by momopon1415 in WordPress Plugin Tutor LMS versions = 3.9.8...

5.3CVSS5.8AI score0.00465EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/04/17 12:0 a.m.9 views

WordPress plugin Tutor LMS – eLearning and online course solution 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.3CVSS5.8AI score0.00465EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.8 views

PT-2026-33405

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized course content manipulation in versions up to and including 3.9.8. This is due to a missing authorization check in the tutor update course content order function. The function only validates th...

5.3CVSS5.7AI score0.00465EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/04/17 12:0 a.m.13 views

sms 安全漏洞

SMS is a student performance management system developed by Jeffrey as an individual project. SMS has a security vulnerability, which stems from the handling of the parameter ID in the file admin/deletecourse.php. This vulnerability may lead to SQL injection attacks...

7.5CVSS7.2AI score0.00325EPSS
Exploits0References1
NVD
NVD
added 2026/04/14 10:16 p.m.5 views

CVE-2026-34602

Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, the /api/courserelusers endpoint is vulnerable to Insecure Direct Object Reference IDOR, allowing an authenticated attacker to modify the user parameter in the request body to enroll any arbitrary user into...

7.1CVSS0.00203EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/14 9:33 p.m.5 views

CVE-2026-35196 Chamilo LMS has OS Command Injection via export_all_certificates action

Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, an OS Command Injection vulnerability exists in the main/inc/ajax/gradebook.ajax.php endpoint within the exportallcertificates action, where the course code retrieved from the session variable $SESSION'cid'...

8.8CVSS6.2AI score0.0176EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/04/14 9:33 p.m.24 views

CVE-2026-35196 Chamilo LMS has OS Command Injection via export_all_certificates action

Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, an OS Command Injection vulnerability exists in the main/inc/ajax/gradebook.ajax.php endpoint within the exportallcertificates action, where the course code retrieved from the session variable $SESSION'cid'...

8.8CVSS0.0176EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/04/14 9:33 p.m.3 views

CVE-2026-35196

Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, an OS Command Injection vulnerability exists in the main/inc/ajax/gradebook.ajax.php endpoint within the exportallcertificates action, where the course code retrieved from the session variable $SESSION'cid'...

8.8CVSS6.2AI score0.0176EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2026/04/14 9:33 p.m.18 views

CVE-2026-35196

Chamilo LMS vulnerable to OS Command Injection prior to 2.0.0-RC.3. The flaw resides in the gradebook.ajax.php endpoint (export_all_certificates action), where the course code is taken from $_SESSION['_cid'] via api_get_course_id() and concatenated into a shell_exec() command without sanitization...

8.8CVSS6.2AI score0.0176EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/04/14 9:33 p.m.3 views

CVE-2026-35196 Chamilo LMS has OS Command Injection via export_all_certificates action

Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, an OS Command Injection vulnerability exists in the main/inc/ajax/gradebook.ajax.php endpoint within the exportallcertificates action, where the course code retrieved from the session variable $SESSION'cid'...

8.8CVSS6.2AI score0.0176EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/04/14 9:29 p.m.2 views

CVE-2026-34602

Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, the /api/courserelusers endpoint is vulnerable to Insecure Direct Object Reference IDOR, allowing an authenticated attacker to modify the user parameter in the request body to enroll any arbitrary user into...

7.1CVSS5.8AI score0.00203EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/14 9:29 p.m.3 views

CVE-2026-34602 Chamilo LMS: IDOR in /api/course_rel_users Allows Unauthorized Enrollment of Arbitrary Users into Courses

Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, the /api/courserelusers endpoint is vulnerable to Insecure Direct Object Reference IDOR, allowing an authenticated attacker to modify the user parameter in the request body to enroll any arbitrary user into...

7.1CVSS5.8AI score0.00203EPSS
Exploits0References5
CVE
CVE
added 2026/04/14 9:29 p.m.18 views

CVE-2026-34602

Chamilo LMS is affected by an IDOR in the /api/course_rel_users endpoint prior to version 2.0.0-RC.3. An authenticated attacker can modify the user parameter in the request body to enroll arbitrary users into courses without proper authorization checks, bypassing enrollment controls and potential...

7.1CVSS5.8AI score0.00203EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/04/14 9:29 p.m.7 views

EUVD-2026-22718

Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, the /api/courserelusers endpoint is vulnerable to Insecure Direct Object Reference IDOR, allowing an authenticated attacker to modify the user parameter in the request body to enroll any arbitrary user into...

7.1CVSS5.8AI score0.00203EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/14 9:29 p.m.25 views

CVE-2026-34602 Chamilo LMS: IDOR in /api/course_rel_users Allows Unauthorized Enrollment of Arbitrary Users into Courses

Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, the /api/courserelusers endpoint is vulnerable to Insecure Direct Object Reference IDOR, allowing an authenticated attacker to modify the user parameter in the request body to enroll any arbitrary user into...

7.1CVSS0.00203EPSS
Exploits0References5
OSV
OSV
added 2026/04/14 9:29 p.m.3 views

CVE-2026-34602 Chamilo LMS: IDOR in /api/course_rel_users Allows Unauthorized Enrollment of Arbitrary Users into Courses

Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, the /api/courserelusers endpoint is vulnerable to Insecure Direct Object Reference IDOR, allowing an authenticated attacker to modify the user parameter in the request body to enroll any arbitrary user into...

7.1CVSS5.9AI score0.00203EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/04/14 7:22 p.m.8 views

CVE-2026-32892

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, Chamilo LMS contains an OS Command Injection vulnerability in the file move function. The move function in fileManage.lib.php passes user-controlled path values directly into exec shell commands without using...

9.1CVSS6.1AI score0.01527EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/14 1:22 a.m.7 views

CVE-2025-51414

In Phpgurukul Online Course Registration v3.1, an arbitrary file upload vulnerability was discovered within the profile picture upload functionality on the /my-profile.php page...

8.8CVSS5.9AI score0.00305EPSS
Exploits0References1
Rows per page
Query Builder