Lucene search
K

757 matches found

Cvelist
Cvelist
added 2024/12/09 12:0 a.m.19 views

CVE-2024-54930

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/deletestudent.php...

0.00469EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/12/09 12:0 a.m.13 views

CVE-2024-54925

A SQL Injection was found in /removesentmessage.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the id parameter...

8.8AI score0.00571EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/12/09 12:0 a.m.12 views

CVE-2024-54926

A SQL Injection vulnerability was found in /searchclass.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the schoolyear parameter...

0.00555EPSS
Exploits1References1
CVE
CVE
added 2024/12/09 12:0 a.m.60 views

CVE-2024-54931

CVE-2024-54931 relates to a SQL injection in Kashipara E-learning Management System v1.0, exposed via the /admin/delete_event.php endpoint. The vulnerability stems from unsanitized input to the id parameter, allowing remote attackers to execute arbitrary SQL commands and gain unauthorized databas...

9.8CVSS9.1AI score0.00571EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2024/12/09 12:0 a.m.16 views

CVE-2024-54934

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/deleteclass.php...

0.00486EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/12/09 12:0 a.m.18 views

CVE-2024-54931

A SQL Injection was found in /admin/deleteevent.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the id parameter...

0.00571EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/12/09 12:0 a.m.13 views

CVE-2024-54935

A Stored Cross-Site Scripting XSS vulnerability was found in /sendmessageteachertostudent.php of kashipara E-learning Management System v1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the mymessage parameter...

0.0038EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/12/09 12:0 a.m.5 views

PT-2024-36438 · Unknown · Kashipara E-Learning Management System

Name of the Vulnerable Software and Affected Versions: kashipara E-learning Management System version 1.0 Description: A SQL injection issue was found in the /teacher signup.php file, allowing remote attackers to execute arbitrary SQL commands and gain unauthorized access to the database through...

9.8CVSS9.3AI score0.00571EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/12/09 12:0 a.m.4 views

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0, which originates from a SQL injection vulnerability in /admin/deleteteacher.php...

7.2CVSS7.9AI score0.00465EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/12/09 12:0 a.m.4 views

PT-2024-36446 · Unknown · Kashipara E-Learning Management System

Name of the Vulnerable Software and Affected Versions: Kashipara E-learning Management System version 1.0 Description: The issue is related to a SQL Injection vulnerability in the /admin/delete teacher.php file. This vulnerability can be exploited through the delete teacher.php API endpoint. No...

7.2CVSS7.1AI score0.00465EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2024/12/09 12:0 a.m.12 views

CVE-2024-54928

kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/deleteteacher.php,...

7.3AI score0.00465EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/12/09 12:0 a.m.5 views

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0. An attacker can exploit the vulnerability to access the database by executing arbitrary SQL commands via the firstname, lastname,...

9.8CVSS7.5AI score0.00551EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/12/09 12:0 a.m.13 views

CVE-2024-54918

Kashipara E-learning Management System v1.0 is vulnerable to Remote Code Execution via File Upload in /teacheravatar.php...

7.5AI score0.00898EPSS
Exploits1References1
CVE
CVE
added 2024/12/09 12:0 a.m.67 views

CVE-2024-54921

CVE-2024-54921 affects Kashipara E-learning Management System v1.0, with a SQL injection in /student_signup.php that allows remote attackers to execute arbitrary SQL through the username, firstname, lastname, and class_id parameters, leading to unauthorized database access. The CVSS v3.1 data ind...

9.8CVSS9.1AI score0.00571EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/12/09 12:0 a.m.12 views

CVE-2024-54934

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/deleteclass.php...

8AI score0.00486EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/12/09 12:0 a.m.19 views

CVE-2024-54927

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/deleteusers.php...

0.00465EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/12/09 12:0 a.m.11 views

CVE-2024-54937

A Directory Listing issue was found in Kashipara E-Learning Management System v1.0, which allows remote attackers to access sensitive files and directories via /admin/assets...

5.3AI score0.00452EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/12/09 12:0 a.m.18 views

CVE-2024-54922

A SQL Injection was found in /admin/edituser.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the firstname, lastname, and username parameters...

0.00551EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/12/09 12:0 a.m.3 views

PT-2024-36453 · Unknown · Kashipara E-Learning Management System

Name of the Vulnerable Software and Affected Versions: kashipara E-learning Management System version 1.0 Description: A Stored Cross-Site Scripting XSS issue exists in the /send message teacher to student.php file, allowing remote attackers to execute arbitrary scripts via the my message...

5.4CVSS6.4AI score0.0038EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/12/09 12:0 a.m.7 views

PT-2024-36454 · Unknown · Kashipara E-Learning Management System

Name of the Vulnerable Software and Affected Versions: Kashipara E-learning Management System version 1.0 Description: A Stored Cross-Site Scripting XSS issue was found in the /send message.php endpoint of the Kashipara E-learning Management System. This issue allows remote attackers to execute...

5.4CVSS6.5AI score0.00395EPSS
Exploits1References5
Rows per page
Query Builder