Lucene search
K

210 matches found

NVD
NVD
added 2024/05/17 2:15 p.m.22 views

CVE-2024-34919

An arbitrary file upload vulnerability in the component \modstudent\controller.php of Pisay Online E-Learning System using PHP/MySQL v1.0 allows attackers to execute arbitrary code via uploading a crafted file...

9.8CVSS7.4AI score0.00852EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/17 1:43 p.m.17 views

CVE-2024-34919

An arbitrary file upload vulnerability in the component \modstudent\controller.php of Pisay Online E-Learning System using PHP/MySQL v1.0 allows attackers to execute arbitrary code via uploading a crafted file...

7.8AI score0.00852EPSS
Exploits0References1
CVE
CVE
added 2024/05/17 1:43 p.m.65 views

CVE-2024-34919

The CVE-2024-34919 entry describes an arbitrary file upload in Pisay Online E-Learning System v1.0, specifically the modstudent/controller.php component, enabling attackers to execute arbitrary code via crafted uploads. The vulnerability is associated with PHP/MySQL-based Pisay Online E-Learning ...

9.8CVSS7.7AI score0.00852EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/17 1:43 p.m.45 views

CVE-2024-34919

An arbitrary file upload vulnerability in the component \modstudent\controller.php of Pisay Online E-Learning System using PHP/MySQL v1.0 allows attackers to execute arbitrary code via uploading a crafted file...

7.4AI score0.00852EPSS
Exploits0References1
NVD
NVD
added 2024/04/30 11:15 p.m.19 views

CVE-2024-4349

A vulnerability has been found in SourceCodester Pisay Online E-Learning System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /lesson/controller.php. The manipulation of the argument file leads to unrestricted upload. The attack can be...

7.5CVSS7.3AI score0.01035EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/04/30 11:0 p.m.11 views

CVE-2024-4349 SourceCodester Pisay Online E-Learning System controller.php unrestricted upload

A vulnerability has been found in SourceCodester Pisay Online E-Learning System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /lesson/controller.php. The manipulation of the argument file leads to unrestricted upload. The attack can be...

7.5CVSS6.9AI score0.01035EPSS
Exploits1References4
CVE
CVE
added 2024/04/30 11:0 p.m.83 views

CVE-2024-4349

CVE-2024-4349 affects SourceCodester Pisay Online E-Learning System 1.0. The vulnerability lies in the /lesson/controller.php file where manipulating the file parameter leads to unrestricted uploads. It can be exploited remotely, and publicly disclosed exploit information exists (VDB-262489). Rem...

7.5CVSS6.8AI score0.01035EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2022/11/07 3:15 p.m.6 views

CVE-2022-43319

An information disclosure vulnerability in the component vcs/downloadFiles.php?download=./search.php of Simple E-Learning System v1.0 allows attackers to read arbitrary files...

7.5CVSS5.8AI score0.00706EPSS
Exploits1References1
NVD
NVD
added 2022/11/07 3:15 p.m.17 views

CVE-2022-43319

An information disclosure vulnerability in the component vcs/downloadFiles.php?download=./search.php of Simple E-Learning System v1.0 allows attackers to read arbitrary files...

7.5CVSS0.00706EPSS
Exploits1References1
Prion
Prion
added 2022/11/07 3:15 p.m.17 views

Information disclosure

An information disclosure vulnerability in the component vcs/downloadFiles.php?download=./search.php of Simple E-Learning System v1.0 allows attackers to read arbitrary files...

5CVSS7.1AI score0.00706EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2022/11/07 12:0 a.m.71 views

CVE-2022-43319

CVE-2022-43319 affects Simple E-Learning System v1.0. The vulnerability resides in the endpoint vcs/downloadFiles.php?download=./search.php, enabling an attacker to read arbitrary files and thus disclose confidential data. The reported impact is High confidentiality loss (CVSS v3.1: AV:N/AC:L/PR:...

7.5CVSS7.1AI score0.00706EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/11/07 12:0 a.m.12 views

CVE-2022-43319

An information disclosure vulnerability in the component vcs/downloadFiles.php?download=./search.php of Simple E-Learning System v1.0 allows attackers to read arbitrary files...

7.3AI score0.00706EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2022/11/07 12:0 a.m.10 views

CVE-2022-43319

An information disclosure vulnerability in the component vcs/downloadFiles.php?download=./search.php of Simple E-Learning System v1.0 allows attackers to read arbitrary files...

7.2AI score0.00706EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/11/07 12:0 a.m.8 views

PT-2022-26845 · Unknown · Simple E-Learning System

Name of the Vulnerable Software and Affected Versions: Simple E-Learning System version 1.0 Description: An information disclosure issue exists in the component "vcs/downloadFiles.php?download=./search.php" of Simple E-Learning System, allowing attackers to read arbitrary files. Recommendations:...

7.5CVSS7.1AI score0.00706EPSS
Exploits1References5
NVD
NVD
added 2022/10/07 11:15 a.m.31 views

CVE-2022-40872

An SQL injection vulnerability issue was discovered in Sourcecodester Simple E-Learning System 1.0., in /vcs/classRoom.php?classCode=, classCode...

9.8CVSS0.00872EPSS
Exploits1References2
Prion
Prion
added 2022/10/07 11:15 a.m.15 views

Sql injection

An SQL injection vulnerability issue was discovered in Sourcecodester Simple E-Learning System 1.0., in /vcs/classRoom.php?classCode=, classCode...

7.5CVSS9.7AI score0.00872EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/10/07 12:0 a.m.5 views

PT-2022-25597 · Unknown · Sourcecodester Simple E-Learning System

Name of the Vulnerable Software and Affected Versions: Sourcecodester Simple E-Learning System version 1.0 Description: A SQL injection issue was found in the /vcs/classRoom.php endpoint, specifically with the classCode parameter. This allows for potential SQL injection attacks. Recommendations:...

9.8CVSS9.6AI score0.00872EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2022/10/07 12:0 a.m.5 views

CVE-2022-40872

An SQL injection vulnerability issue was discovered in Sourcecodester Simple E-Learning System 1.0., in /vcs/classRoom.php?classCode=, classCode...

7.9AI score0.00872EPSS
Exploits1References1
CVE
CVE
added 2022/10/07 12:0 a.m.64 views

CVE-2022-40872

Sourcecodester Simple E-Learning System 1.0 is affected by an SQL injection in the /vcs/classRoom.php?classCode= endpoint. The root cause is unsafely handling the classCode parameter, enabling an attacker to induce high-severity impact to confidentiality, integrity, and availability (CVSS v3.1: 9...

9.8CVSS9.8AI score0.00872EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2022/10/07 12:0 a.m.4 views

Simple E-Learning System SQL注入漏洞

Simple E-Learning System is a simple e-learning system. version 1.0 of Simple E-Learning System is vulnerable to SQL injection, which stems from the presence of SQL injection in classCode. No detailed vulnerability details are available at this time...

9.8CVSS7.8AI score0.00872EPSS
Exploits1References2
Rows per page
Query Builder