CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

73 matches found

Packet Storm•added 2026/05/05 12:0 a.m.•29 views

📄 GUnet OpenEclass E-learning Remote Code Execution

GUnet OpenEclass E-learning versions prior to 4.2 suffer from a remote code execution vulnerability. Exploit Title: GUnet OpenEclass E-learning platform """ def banner: printf'''YELLOW ┏━╸╻ ╻┏━╸ ┏━┓┏━┓┏━┓┏━┓ ┏━┓┏━┓┏━┓╻ ╻╺┓ ┃ ┃┏┛┣╸ ╺━╸┏━┛┃┃┃┏━┛┣━┓╺━╸┏━┛┏━┛┏━┛┗━┫ ┃ ┗━╸┗┛ ┗━╸ ┗━╸┗━┛┗━╸┗━┛ ┗━╸┗━╸┗━╸...

8.6CVSS6.4AI score0.01461EPSS

Exploits3

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-11941

Malware in sbrugna...

4.8CVSS5.2AI score0.00206EPSS

Exploits2References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-29910

Malicious code in bioql PyPI...

6.3CVSS4.8AI score0.00038EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-44216

Malicious code in bioql PyPI...

6.1CVSS4.9AI score0.00283EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-45165

Malicious code in bioql PyPI...

8.8CVSS9AI score0.0007EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-34292

Malicious code in bioql PyPI...

6.1CVSS8.7AI score0.01772EPSS

Exploits0References6

RedhatCVE•added 2025/05/23 9:54 a.m.•7 views

CVE-2024-28198

OpenOlat is an open source web-based e-learning platform for teaching, learning, assessment and communication. By manually manipulating http requests when using the draw.io integration it is possible to read arbitrary files as the configured system user and SSRF. The problem is fixed in version...

7.5CVSS6.9AI score0.00106EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 4:14 a.m.•5 views

CVE-2023-40607

Cross-Site Request Forgery CSRF vulnerability in CLUEVO CLUEVO LMS, E-Learning Platform plugin = 1.10.0 versions...

8.8CVSS7.1AI score0.0007EPSS

Exploits0

RedhatCVE•added 2025/05/23 2:12 a.m.•4 views

CVE-2023-3563

A vulnerability was found in GZ Scripts GZ E Learning Platform 1.8 and classified as problematic. This issue affects some unknown processing of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-233357 was...

6.1CVSS6.3AI score0.00283EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 7:24 p.m.•3 views

CVE-2021-25029

The CLUEVO LMS, E-Learning Platform WordPress plugin before 1.8.1 does not sanitise and escape Course's module, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS5.9AI score0.00206EPSS

Exploits2References1

CNVD•added 2025/05/07 12:0 a.m.•2 views

Moodle Information Disclosure Vulnerability

Moodle is Moodle open source set of free e-learning software platform, also known as course management system, learning management system or virtual learning environment. Moodle suffers from an information disclosure vulnerability that stems from the fact that anonymous assignment submissions can...

4.3CVSS4.2AI score0.00116EPSS

Exploits0References1

CNVD•added 2025/05/07 12:0 a.m.•1 views

Unspecified Vulnerability in Moodle

Moodle is a free e-learning software platform, also known as a course management system, learning management system or virtual learning environment. Moodle suffers from a security vulnerability that stems from the need for additional checks to ensure that users only have access to authorized grou...

4.3CVSS6.6AI score0.00083EPSS

Exploits0References1

CNVD•added 2025/05/07 12:0 a.m.•1 views

Moodle Authorization Issues Vulnerability

Moodle is Moodle open source set of free e-learning software platform, also known as course management system, learning management system or virtual learning environment. Moodle suffers from an authorization issue vulnerability that stems from an insufficient capability check, which can be...

4.3CVSS4.3AI score0.00108EPSS

Exploits0References1

CNVD•added 2025/02/28 12:0 a.m.•2 views

Moodle SQL Injection Vulnerability

Moodle is Moodle open source set of free e-learning software platform, also known as course management system, learning management system or virtual learning environment. Moodle suffers from an SQL injection vulnerability that stems from not adequately filtering user input. No detailed...

9.8CVSS8.2AI score0.00402EPSS

Exploits0References1

CNVD•added 2025/02/28 12:0 a.m.•4 views

Moodle Cross-Site Scripting Vulnerability (CNVD-2025-11089)

Moodle is Moodle open source set of free e-learning software platform, also known as course management system, learning management system or virtual learning environment. A cross-site scripting vulnerability exists in Moodle. The vulnerability stems from a cross-site scripting risk where...

8.3CVSS7AI score0.00961EPSS

Exploits1References1

Vulnrichment•added 2025/01/09 11:10 a.m.•5 views

CVE-2024-11328 CLUEVO LMS, E-Learning Platform <= 1.13.2 - Reflected Cross-Site Scripting

The CLUEVO LMS, E-Learning Platform plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 1.13.2. This makes it possible for unauthenticated attackers to...

6.1CVSS6.5AI score0.01772EPSS

Exploits0References8

CNNVD•added 2025/01/09 12:0 a.m.•1 views

WordPress plugin CLUEVO LMS, E-Learning Platform 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blogs on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin CLUEVO LMS, E-Learning Platform...

6.1CVSS7.5AI score0.01772EPSS

Exploits0References6

NVD•added 2024/12/06 9:15 a.m.•13 views

CVE-2024-11444

The CLUEVO LMS, E-Learning Platform plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.13.2. This is due to missing or incorrect nonce validation on the cluevorendermoduleui function. This makes it possible for unauthenticated attackers to...

4.3CVSS0.00197EPSS

Exploits0References4