14 matches found
CVE-2026-10226 raisulislamg4 student_management_system_by_php delete.php sql injection
A flaw has been found in raisulislamg4 studentmanagementsystembyphp up to 310d950e09013d5133c6b9210aff9444382d16d1. Impacted is an unknown function of the file delete.php. Executing a manipulation of the argument userid/courseid/teacherid/studentid/applicationid can lead to sql injection. The...
EUVD-2009-4846
Malware in sbrugna...
EUVD-2010-0979
Malware in sbrugna...
EUVD-2021-11918
Malware in sbrugna...
CVE-2021-25006
The MOLIE WordPress plugin through 0.5 does not escape the courseid parameter before outputting it back in the admin dashboard, leading to a Reflected Cross-Site Scripting issue...
CVE-2024-4902
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to time-based SQL Injection via the ‘courseid’ parameter in all versions up to, and including, 2.7.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existi...
CVE-2023-4602
The Namaste! LMS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'courseid' parameter in versions up to, and including, 2.6.1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...
CVE-2019-20512
Open edX Ironwood.1 allows support/certificates?courseid= reflected XSS...
CVE-2019-20512
Open edX Ironwood.1 allows support/certificates?courseid= reflected XSS...
Sql injection
SQL injection vulnerability in subscribe.php in Pilot Group PG eLMS Pro allows remote attackers to execute arbitrary SQL commands via the courseid parameter...
CVE-2010-2354
SQL injection vulnerability in subscribe.php in Pilot Group PG eLMS Pro allows remote attackers to execute arbitrary SQL commands via the courseid parameter...
Sql injection
SQL injection vulnerability in searchresult.asp in Pre Projects Pre E-Learning Portal allows remote attackers to execute arbitrary SQL commands via the courseID parameter...
CVE-2010-0954
SQL injection vulnerability in searchresult.asp in Pre Projects Pre E-Learning Portal allows remote attackers to execute arbitrary SQL commands via the courseID parameter...
CVE-2002-1007
Cross-site scripting vulnerabilities in Blackboard 5 allow remote attackers to execute arbitrary web script via 1 the courseid parameter in a link to login.pl, 2 the CTID parameter in ProcessInfo.cgi, or 3 the Message parameter in index.cgi...