Lucene search
K

6 matches found

0daydb
0daydb
added 2020/05/24 3:29 p.m.173 views

OpenEDX Ironwood 2.5 CVE-2020-13144 - Remote Code Execution

OpenEDX platform Ironwood version 2.5 suffers from a remote code execution vulnerability. Exploit Title: OpenEDX platform Ironwood 2.5 - Remote Code Execution Google Dork: N/A Date: 2020-05-20 Exploit Author: Daniel Monzón stark0de Vendor Homepage: https://open.edx.org/ Software Link:...

7.5CVSS0.5AI score0.97116EPSS
Exploits31
0day.today
0day.today
added 2020/05/21 12:0 a.m.96 views

OpenEDX platform Ironwood 2.5 - Remote Code Execution Vulnerability

Exploit for multiple platform in category web applications Exploit Title: OpenEDX platform Ironwood 2.5 - Remote Code Execution Exploit Author: Daniel Monzón stark0de Vendor Homepage: https://open.edx.org/ Software Link: https://github.com/edx/edx-platform Version: Ironwood 2.5 Tested on: Debian...

6.5CVSS8.8AI score0.10963EPSS
Exploits7
Exploit DB
Exploit DB
added 2020/05/21 12:0 a.m.491 views

OpenEDX platform Ironwood 2.5 - Remote Code Execution

Exploit Title: OpenEDX platform Ironwood 2.5 - Remote Code Execution Google Dork: N/A Date: 2020-05-20 Exploit Author: Daniel Monzón stark0de Vendor Homepage: https://open.edx.org/ Software Link: https://github.com/edx/edx-platform Version: Ironwood 2.5 Tested on: Debian x64 CVE : CVE-2020-13144...

8.8CVSS9AI score0.10963EPSS
Exploits7
Packet Storm
Packet Storm
added 2020/05/20 12:0 a.m.329 views

OpenEDX Ironwood 2.5 Remote Code Execution

Exploit Title: OpenEDX platform Ironwood 2.5 - Remote Code Execution Google Dork: N/A Date: 2020-05-20 Exploit Author: Daniel Monzón stark0de Vendor Homepage: https://open.edx.org/ Software Link: https://github.com/edx/edx-platform Version: Ironwood 2.5 Tested on: Debian x64 CVE : CVE-2020-13144...

0.3AI score0.10963EPSS
Exploits7
OSV
OSV
added 2020/05/18 7:15 p.m.3 views

CVE-2020-13144

Studio in Open edX Ironwood 2.5, when CodeJail is not used, allows a user to go to the "Create New courseNew sectionNew subsectionNew unitAdd new componentProblem buttonAdvanced tabCustom Python evaluated code" screen, edit the problem, and execute Python code. This leads to arbitrary code...

8.8CVSS7.5AI score0.10963EPSS
Exploits7References3
CVE
CVE
added 2020/05/18 6:23 p.m.130 views

CVE-2020-13144

CVE-2020-13144 affects Open edX Ironwood 2.5 Studio. When CodeJail is not enforced, an authenticated user can navigate to Create New course > New section > New subsection > New unit > Add new component > Problem > Advanced > Custom Python evaluated code, edit a problem and ex...

8.8CVSS8.8AI score0.10963EPSS
Exploits7References3Affected Software1
Rows per page
Query Builder