Lucene search
K

210 matches found

Cvelist
Cvelist
added 2024/12/09 12:0 a.m.18 views

CVE-2024-54931

A SQL Injection was found in /admin/deleteevent.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the id parameter...

0.00583EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/12/09 12:0 a.m.3 views

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0. An attacker can exploit the vulnerability to access the database by executing arbitrary SQL commands via the title and content...

9.8CVSS7.6AI score0.00583EPSS
Exploits1References1
CVE
CVE
added 2024/12/09 12:0 a.m.69 views

CVE-2024-54921

CVE-2024-54921 affects Kashipara E-learning Management System v1.0, with a SQL injection in /student_signup.php that allows remote attackers to execute arbitrary SQL through the username, firstname, lastname, and class_id parameters, leading to unauthorized database access. The CVSS v3.1 data ind...

9.8CVSS9.1AI score0.00583EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2024/12/09 12:0 a.m.19 views

CVE-2024-54925

A SQL Injection was found in /removesentmessage.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the id parameter...

0.00583EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/12/09 12:0 a.m.4 views

PT-2024-36441 · Unknown · Kashipara E-Learning Management System

Name of the Vulnerable Software and Affected Versions: Kashipara E-learning Management System version 1.0 Description: A SQL injection issue was found in the /admin/edit teacher.php endpoint, allowing remote attackers to execute arbitrary SQL commands and gain unauthorized access to the database...

9.8CVSS8.6AI score0.00583EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/12/09 12:0 a.m.4 views

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0. An attacker can exploit this vulnerability to execute arbitrary Java script via the filename parameter...

5.4CVSS7.3AI score0.00306EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/12/09 12:0 a.m.3 views

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0, which originates from an SQL injection vulnerability in /admin/deletesubject.php...

7.2CVSS7.9AI score0.00493EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/12/09 12:0 a.m.4 views

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0. An attacker can exploit this vulnerability to execute arbitrary scripts via the mymessage parameter...

5.4CVSS7.2AI score0.0038EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/12/09 12:0 a.m.19 views

CVE-2024-54930

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/deletestudent.php...

0.00479EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/12/09 12:0 a.m.13 views

CVE-2024-54926

A SQL Injection vulnerability was found in /searchclass.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the schoolyear parameter...

0.00566EPSS
Exploits1References1
CVE
CVE
added 2024/12/09 12:0 a.m.58 views

CVE-2024-54928

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_teacher.php. Root cause is improper input handling enabling SQL injection; CVSS v3.1 base score 7.2 (HIGH) with impact to confidentiality, integrity, and availability. Exploitation status is not detailed i...

7.2CVSS8.3AI score0.00475EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2024/12/09 12:0 a.m.64 views

CVE-2024-54931

CVE-2024-54931 relates to a SQL injection in Kashipara E-learning Management System v1.0, exposed via the /admin/delete_event.php endpoint. The vulnerability stems from unsanitized input to the id parameter, allowing remote attackers to execute arbitrary SQL commands and gain unauthorized databas...

9.8CVSS9.1AI score0.00583EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2024/11/14 6:15 p.m.4 views

CVE-2024-50826

A SQL Injection vulnerability was found in /admin/addcontent.php in kashipara E-learning Management System Project 1.0 via the title and content parameters...

7.2CVSS5.8AI score0.00379EPSS
Exploits1References1
OSV
OSV
added 2024/11/14 5:15 p.m.3 views

CVE-2024-50832

A SQL Injection vulnerability was found in /admin/editclass.php in kashipara E-learning Management System Project 1.0 via the classname parameter...

7.2CVSS5.8AI score0.0058EPSS
Exploits1References1
NVD
NVD
added 2024/11/14 2:15 p.m.21 views

CVE-2024-50839

A Stored Cross-Site Scripting XSS vulnerability was found in /admin/addsubject.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the subjectcode and title parameters...

5.4CVSS0.0038EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/11/14 12:0 a.m.4 views

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System version 1.0, which originates from an SQL injection in the parameters datestart, dateend, and title...

7.2CVSS7.8AI score0.00379EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/11/14 12:0 a.m.12 views

CVE-2024-50823

A SQL Injection vulnerability was found in /admin/login.php in kashipara E-learning Management System Project 1.0 via the username and password parameters...

4.9AI score0.00477EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/11/14 12:0 a.m.11 views

CVE-2024-50828

A SQL Injection vulnerability was found in /admin/editdepartment.php in kashipara E-learning Management System Project 1.0 via the d parameter...

8.2AI score0.00379EPSS
Exploits1References1
CVE
CVE
added 2024/11/14 12:0 a.m.53 views

CVE-2024-50831

CVE-2024-50831 affects the Kashipara E-learning Management System Project 1.0. A SQL injection vulnerability exists in the admin interface at /admin/admin_user.php, exploitable via the username and password parameters. CVSS data from multiple sources indicate a high-severity impact with potential...

7.2CVSS8AI score0.00379EPSS
Exploits1References1Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/10/18 12:0 a.m.13 views

JVN#31982676: MUSASI version 3 performing authentication on client-side

MUSASI provided by NEUMANN CO.LTD. is an e-learning system for driving schools. MUSASI version 3 performs authentication within the client-side code CWE-603, and the client in pre-authentication state retrieves the credential information from the server just when a user ID is input. This behavior...

7.5CVSS7.2AI score0.00425EPSS
Exploits0
Rows per page
Query Builder