757 matches found
PT-2024-36453 · Unknown · Kashipara E-Learning Management System
Name of the Vulnerable Software and Affected Versions: kashipara E-learning Management System version 1.0 Description: A Stored Cross-Site Scripting XSS issue exists in the /send message teacher to student.php file, allowing remote attackers to execute arbitrary scripts via the my message...
PT-2024-36454 · Unknown · Kashipara E-Learning Management System
Name of the Vulnerable Software and Affected Versions: Kashipara E-learning Management System version 1.0 Description: A Stored Cross-Site Scripting XSS issue was found in the /send message.php endpoint of the Kashipara E-learning Management System. This issue allows remote attackers to execute...
CVE-2024-54931
A SQL Injection was found in /admin/deleteevent.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the id parameter...
PT-2024-36451 · Unknown · Kashipara E-Learning Management System
Name of the Vulnerable Software and Affected Versions: Kashipara E-learning Management System version 1.0 Description: The issue concerns a SQL Injection vulnerability in the /admin/delete content.php endpoint. This vulnerability allows for potential exploitation by injecting malicious SQL code...
PT-2024-36435 · Unknown · Kashipara E-Learning Management System
Name of the Vulnerable Software and Affected Versions: Kashipara E-Learning Management System version 1.0 Description: The issue is related to Remote Code Execution via File Upload in the /teacher avatar.php endpoint. This allows for the execution of remote code through the upload of files...
PT-2024-36450 · Unknown · Kashipara E-Learning Management System
Name of the Vulnerable Software and Affected Versions: Kashipara E-Learning Management System version 1.0 Description: The issue concerns a SQL Injection vulnerability in the /admin/delete department.php endpoint. This vulnerability can be exploited to inject malicious SQL code. Recommendations:...
PT-2024-36444 · Unknown · Kashipara E-Learning Management System
Name of the Vulnerable Software and Affected Versions: kashipara E-learning Management System version 1.0 Description: A SQL Injection issue was found in the /search class.php file, allowing remote attackers to execute arbitrary SQL commands and gain unauthorized database access via the school ye...
CVE-2024-54935
CVE-2024-54935 describes a Stored Cross-Site Scripting (XSS) in the Kashipara E-learning Management System v1.0. The vulnerability is in /send_message_teacher_to_student.php and is exploitable via the my_message parameter, enabling remote attackers to inject and execute arbitrary scripts. Impact ...
PT-2024-36455 · Unknown · Kashipara E-Learning Management System
Name of the Vulnerable Software and Affected Versions: Kashipara E-Learning Management System version 1.0 Description: A Directory Listing issue allows remote attackers to access sensitive files and directories via the "/admin/assets" API endpoint. This issue enables unauthorized access to...
CVE-2024-54927
Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/deleteusers.php...
CVE-2024-54937
A Directory Listing issue was found in Kashipara E-Learning Management System v1.0, which allows remote attackers to access sensitive files and directories via /admin/assets...
PT-2024-36448 · Unknown · Kashipara E-Learning Management System
Name of the Vulnerable Software and Affected Versions: Kashipara E-Learning Management System version 1.0 Description: The issue concerns a SQL Injection vulnerability in the /admin/delete student.php endpoint. This vulnerability allows for potential exploitation. Recommendations: For Kashipara...
CVE-2024-54923
A SQL Injection vulnerability was found in /admin/editteacher.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the department parameter...
Kashipara E-learning Management System 安全漏洞
Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0. An attacker can exploit this vulnerability to execute arbitrary SQL commands to access the database via the department parameter...
CVE-2024-54920
A SQL Injection vulnerability was found in /teachersignup.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL command to get unauthorized database access via the firstname, lastname, and classid parameters...
CVE-2024-54933
Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/deletecontent.php...
Kashipara E-learning Management System 安全漏洞
Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0, which originates from an SQL injection vulnerability in /admin/deletecontent.php...
PT-2024-36436 · Unknown · Kashipara E-Learning Management System
Name of the Vulnerable Software and Affected Versions: Kashipara E-learning Management System version 1.0 Description: A Stored Cross Site Scripting XSS issue was found in the /teacher avatar.php file. This allows remote attackers to execute arbitrary JavaScript via the filename parameter...
CVE-2024-54936
A Stored Cross-Site Scripting XSS vulnerability was found in /sendmessage.php of Kashipara E-learning Management System v1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the mymessage parameter...
Kashipara E-learning Management System 安全漏洞
Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0. An attacker can exploit this vulnerability to execute arbitrary Java script via the filename parameter...