Lucene search
K

757 matches found

Positive Technologies
Positive Technologies
added 2024/12/09 12:0 a.m.3 views

PT-2024-36453 · Unknown · Kashipara E-Learning Management System

Name of the Vulnerable Software and Affected Versions: kashipara E-learning Management System version 1.0 Description: A Stored Cross-Site Scripting XSS issue exists in the /send message teacher to student.php file, allowing remote attackers to execute arbitrary scripts via the my message...

5.4CVSS6.4AI score0.0038EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/12/09 12:0 a.m.7 views

PT-2024-36454 · Unknown · Kashipara E-Learning Management System

Name of the Vulnerable Software and Affected Versions: Kashipara E-learning Management System version 1.0 Description: A Stored Cross-Site Scripting XSS issue was found in the /send message.php endpoint of the Kashipara E-learning Management System. This issue allows remote attackers to execute...

5.4CVSS6.5AI score0.00395EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2024/12/09 12:0 a.m.11 views

CVE-2024-54931

A SQL Injection was found in /admin/deleteevent.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the id parameter...

10AI score0.00571EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/12/09 12:0 a.m.4 views

PT-2024-36451 · Unknown · Kashipara E-Learning Management System

Name of the Vulnerable Software and Affected Versions: Kashipara E-learning Management System version 1.0 Description: The issue concerns a SQL Injection vulnerability in the /admin/delete content.php endpoint. This vulnerability allows for potential exploitation by injecting malicious SQL code...

9.8CVSS7.5AI score0.00469EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/12/09 12:0 a.m.4 views

PT-2024-36435 · Unknown · Kashipara E-Learning Management System

Name of the Vulnerable Software and Affected Versions: Kashipara E-Learning Management System version 1.0 Description: The issue is related to Remote Code Execution via File Upload in the /teacher avatar.php endpoint. This allows for the execution of remote code through the upload of files...

9.8CVSS8.4AI score0.00898EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/12/09 12:0 a.m.4 views

PT-2024-36450 · Unknown · Kashipara E-Learning Management System

Name of the Vulnerable Software and Affected Versions: Kashipara E-Learning Management System version 1.0 Description: The issue concerns a SQL Injection vulnerability in the /admin/delete department.php endpoint. This vulnerability can be exploited to inject malicious SQL code. Recommendations:...

9.8CVSS7.6AI score0.00486EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/12/09 12:0 a.m.5 views

PT-2024-36444 · Unknown · Kashipara E-Learning Management System

Name of the Vulnerable Software and Affected Versions: kashipara E-learning Management System version 1.0 Description: A SQL Injection issue was found in the /search class.php file, allowing remote attackers to execute arbitrary SQL commands and gain unauthorized database access via the school ye...

9.8CVSS9.4AI score0.00555EPSS
Exploits1References5
CVE
CVE
added 2024/12/09 12:0 a.m.58 views

CVE-2024-54935

CVE-2024-54935 describes a Stored Cross-Site Scripting (XSS) in the Kashipara E-learning Management System v1.0. The vulnerability is in /send_message_teacher_to_student.php and is exploitable via the my_message parameter, enabling remote attackers to inject and execute arbitrary scripts. Impact ...

5.4CVSS5.9AI score0.0038EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/12/09 12:0 a.m.5 views

PT-2024-36455 · Unknown · Kashipara E-Learning Management System

Name of the Vulnerable Software and Affected Versions: Kashipara E-Learning Management System version 1.0 Description: A Directory Listing issue allows remote attackers to access sensitive files and directories via the "/admin/assets" API endpoint. This issue enables unauthorized access to...

5.3CVSS7AI score0.00452EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/12/09 12:0 a.m.15 views

CVE-2024-54927

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/deleteusers.php...

7.3AI score0.00465EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/12/09 12:0 a.m.20 views

CVE-2024-54937

A Directory Listing issue was found in Kashipara E-Learning Management System v1.0, which allows remote attackers to access sensitive files and directories via /admin/assets...

0.00452EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/12/09 12:0 a.m.4 views

PT-2024-36448 · Unknown · Kashipara E-Learning Management System

Name of the Vulnerable Software and Affected Versions: Kashipara E-Learning Management System version 1.0 Description: The issue concerns a SQL Injection vulnerability in the /admin/delete student.php endpoint. This vulnerability allows for potential exploitation. Recommendations: For Kashipara...

9.8CVSS7.5AI score0.00469EPSS
Exploits1References5
Cvelist
Cvelist
added 2024/12/09 12:0 a.m.20 views

CVE-2024-54923

A SQL Injection vulnerability was found in /admin/editteacher.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the department parameter...

0.00571EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/12/09 12:0 a.m.5 views

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0. An attacker can exploit this vulnerability to execute arbitrary SQL commands to access the database via the department parameter...

9.8CVSS8AI score0.00571EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/12/09 12:0 a.m.13 views

CVE-2024-54920

A SQL Injection vulnerability was found in /teachersignup.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL command to get unauthorized database access via the firstname, lastname, and classid parameters...

0.00571EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/12/09 12:0 a.m.24 views

CVE-2024-54933

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/deletecontent.php...

0.00469EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/12/09 12:0 a.m.4 views

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0, which originates from an SQL injection vulnerability in /admin/deletecontent.php...

9.8CVSS7.9AI score0.00469EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/12/09 12:0 a.m.6 views

PT-2024-36436 · Unknown · Kashipara E-Learning Management System

Name of the Vulnerable Software and Affected Versions: Kashipara E-learning Management System version 1.0 Description: A Stored Cross Site Scripting XSS issue was found in the /teacher avatar.php file. This allows remote attackers to execute arbitrary JavaScript via the filename parameter...

5.4CVSS6.5AI score0.003EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2024/12/09 12:0 a.m.10 views

CVE-2024-54936

A Stored Cross-Site Scripting XSS vulnerability was found in /sendmessage.php of Kashipara E-learning Management System v1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the mymessage parameter...

6AI score0.00395EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/12/09 12:0 a.m.4 views

Kashipara E-learning Management System 安全漏洞

Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System v1.0. An attacker can exploit this vulnerability to execute arbitrary Java script via the filename parameter...

5.4CVSS7.3AI score0.003EPSS
Exploits1References1
Rows per page
Query Builder