757 matches found
CVE-2024-54930
Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/deletestudent.php...
CVE-2024-54925
A SQL Injection was found in /removesentmessage.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the id parameter...
CVE-2024-54926
A SQL Injection vulnerability was found in /searchclass.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the schoolyear parameter...
CVE-2024-54931
CVE-2024-54931 relates to a SQL injection in Kashipara E-learning Management System v1.0, exposed via the /admin/delete_event.php endpoint. The vulnerability stems from unsanitized input to the id parameter, allowing remote attackers to execute arbitrary SQL commands and gain unauthorized databas...
CVE-2024-54934
Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/deleteclass.php...
CVE-2024-54931
A SQL Injection was found in /admin/deleteevent.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the id parameter...
CVE-2024-54935
A Stored Cross-Site Scripting XSS vulnerability was found in /sendmessageteachertostudent.php of kashipara E-learning Management System v1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the mymessage parameter...
PT-2024-36438 · Unknown · Kashipara E-Learning Management System
Name of the Vulnerable Software and Affected Versions: kashipara E-learning Management System version 1.0 Description: A SQL injection issue was found in the /teacher signup.php file, allowing remote attackers to execute arbitrary SQL commands and gain unauthorized access to the database through...
Kashipara E-learning Management System 安全漏洞
Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0, which originates from a SQL injection vulnerability in /admin/deleteteacher.php...
PT-2024-36446 · Unknown · Kashipara E-Learning Management System
Name of the Vulnerable Software and Affected Versions: Kashipara E-learning Management System version 1.0 Description: The issue is related to a SQL Injection vulnerability in the /admin/delete teacher.php file. This vulnerability can be exploited through the delete teacher.php API endpoint. No...
CVE-2024-54928
kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/deleteteacher.php,...
Kashipara E-learning Management System 安全漏洞
Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0. An attacker can exploit the vulnerability to access the database by executing arbitrary SQL commands via the firstname, lastname,...
CVE-2024-54918
Kashipara E-learning Management System v1.0 is vulnerable to Remote Code Execution via File Upload in /teacheravatar.php...
CVE-2024-54921
CVE-2024-54921 affects Kashipara E-learning Management System v1.0, with a SQL injection in /student_signup.php that allows remote attackers to execute arbitrary SQL through the username, firstname, lastname, and class_id parameters, leading to unauthorized database access. The CVSS v3.1 data ind...
CVE-2024-54934
Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/deleteclass.php...
CVE-2024-54927
Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/deleteusers.php...
CVE-2024-54937
A Directory Listing issue was found in Kashipara E-Learning Management System v1.0, which allows remote attackers to access sensitive files and directories via /admin/assets...
CVE-2024-54922
A SQL Injection was found in /admin/edituser.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the firstname, lastname, and username parameters...
PT-2024-36453 · Unknown · Kashipara E-Learning Management System
Name of the Vulnerable Software and Affected Versions: kashipara E-learning Management System version 1.0 Description: A Stored Cross-Site Scripting XSS issue exists in the /send message teacher to student.php file, allowing remote attackers to execute arbitrary scripts via the my message...
PT-2024-36454 · Unknown · Kashipara E-Learning Management System
Name of the Vulnerable Software and Affected Versions: Kashipara E-learning Management System version 1.0 Description: A Stored Cross-Site Scripting XSS issue was found in the /send message.php endpoint of the Kashipara E-learning Management System. This issue allows remote attackers to execute...