Lucene search
K

757 matches found

ATTACKERKB
ATTACKERKB
added 2024/12/06 2:15 p.m.4 views

CVE-2024-11321

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Hi e-learning Learning Management System LMS allows Reflected XSS. This issue affects Learning Management System LMS: before 06.12.2024...

5.4CVSS5.8AI score0.00297EPSS
Exploits0References3
CVE
CVE
added 2024/12/06 1:37 p.m.121 views

CVE-2024-11321

CVE-2024-11321 describes a reflected XSS in Hi e-learning’s Learning Management System (LMS) caused by improper input neutralization during web page generation. Affected: LMS versions prior to 06.12.2024. CVSSv3.1 base score 5.4 (Medium) with Network attack vector, Low impact on confidentiality a...

5.4CVSS5.8AI score0.00297EPSS
Exploits0References2
NVD
NVD
added 2024/12/06 9:15 a.m.18 views

CVE-2024-11444

The CLUEVO LMS, E-Learning Platform plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.13.2. This is due to missing or incorrect nonce validation on the cluevorendermoduleui function. This makes it possible for unauthenticated attackers to...

4.3CVSS0.00211EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/12/06 8:24 a.m.15 views

CVE-2024-11444 CLUEVO LMS, E-Learning Platform <= 1.13.2 - Cross-Site Request Forgery to Module Deletion

The CLUEVO LMS, E-Learning Platform plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.13.2. This is due to missing or incorrect nonce validation on the cluevorendermoduleui function. This makes it possible for unauthenticated attackers to...

4.3CVSS6.5AI score0.00211EPSS
Exploits0References4
CVE
CVE
added 2024/12/06 8:24 a.m.64 views

CVE-2024-11444

CVE-2024-11444 : CLUEVO LMS (WordPress plugin)

4.3CVSS4.3AI score0.00211EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/12/06 12:0 a.m.6 views

WordPress plugin CLUEVO LMS, E-Learning Platform 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

4.3CVSS8.2AI score0.00211EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/12/06 12:0 a.m.4 views

Hi e-learning Learning Management System 跨站脚本漏洞

Hi e-learning Learning Management System Hi e-learning LMS is an online learning solution from Hi e-learning, Inc. A cross-site scripting vulnerability exists in versions of Hi e-learning Learning Management System prior to 06.12.2024, which stems from improper input neutralization during web pag...

5.4CVSS6.1AI score0.00297EPSS
Exploits0References1
CNVD
CNVD
added 2024/11/26 12:0 a.m.5 views

Moodle Authorization Issues Vulnerability (CNVD-2024-46247)

Moodle is Moodle open source set of free e-learning software platform, also known as course management system, learning management system or virtual learning environment. Moodle suffers from an authorization issue vulnerability that stems from the need to perform additional checks to ensure that ...

4.3CVSS7AI score0.00281EPSS
Exploits0References1
CNVD
CNVD
added 2024/11/15 12:0 a.m.3 views

Moodle Access Control Error Vulnerability

Moodle is Moodle open source set of free e-learning software platform, also known as course management system, learning management system or virtual learning environment. Moodle suffers from an Access Control Error vulnerability that stems from insufficient access control over the inclusion of an...

5.3CVSS7.2AI score0.00318EPSS
Exploits0References1
NVD
NVD
added 2024/11/14 6:15 p.m.34 views

CVE-2024-50831

A SQL Injection was found in /admin/adminuser.php in kashipara E-learning Management System Project 1.0 via the username and password parameters...

7.2CVSS0.00379EPSS
Exploits1References1
NVD
NVD
added 2024/11/14 6:15 p.m.18 views

CVE-2024-50830

A SQL Injection vulnerability was found in /admin/calendarofevents.php in kashipara E-learning Management System Project 1.0 via the datestart, dateend, and title parameters...

7.2CVSS0.00379EPSS
Exploits1References1
OSV
OSV
added 2024/11/14 6:15 p.m.4 views

CVE-2024-50831

A SQL Injection was found in /admin/adminuser.php in kashipara E-learning Management System Project 1.0 via the username and password parameters...

7.2CVSS5.8AI score0.00379EPSS
Exploits1References1
NVD
NVD
added 2024/11/14 6:15 p.m.23 views

CVE-2024-50826

A SQL Injection vulnerability was found in /admin/addcontent.php in kashipara E-learning Management System Project 1.0 via the title and content parameters...

7.2CVSS0.00379EPSS
Exploits1References1
NVD
NVD
added 2024/11/14 6:15 p.m.19 views

CVE-2024-50829

A SQL Injection vulnerability was found in /admin/editsubject.php in kashipara E-learning Management System Project 1.0 via the unit parameter...

7.2CVSS0.00379EPSS
Exploits1References1
OSV
OSV
added 2024/11/14 6:15 p.m.2 views

CVE-2024-50826

A SQL Injection vulnerability was found in /admin/addcontent.php in kashipara E-learning Management System Project 1.0 via the title and content parameters...

7.2CVSS5.8AI score0.00379EPSS
Exploits1References1
NVD
NVD
added 2024/11/14 6:15 p.m.20 views

CVE-2024-50824

A SQL Injection vulnerability was found in /admin/class.php in kashipara E-learning Management System Project 1.0 via the classname parameter...

7.2CVSS0.00468EPSS
Exploits1References1
NVD
NVD
added 2024/11/14 6:15 p.m.21 views

CVE-2024-50825

A SQL Injection vulnerability was found in /admin/schoolyear.php in kashipara E-learning Management System Project 1.0 via the schoolyear parameter...

7.2CVSS0.00379EPSS
Exploits1References1
NVD
NVD
added 2024/11/14 6:15 p.m.12 views

CVE-2024-50827

A SQL Injection vulnerability was found in /admin/addsubject.php in kashipara E-learning Management System Project 1.0 via the subjectcode parameter...

7.2CVSS0.00379EPSS
Exploits1References1
NVD
NVD
added 2024/11/14 6:15 p.m.32 views

CVE-2024-50828

A SQL Injection vulnerability was found in /admin/editdepartment.php in kashipara E-learning Management System Project 1.0 via the d parameter...

7.2CVSS0.00379EPSS
Exploits1References1
OSV
OSV
added 2024/11/14 6:15 p.m.6 views

CVE-2024-50829

A SQL Injection vulnerability was found in /admin/editsubject.php in kashipara E-learning Management System Project 1.0 via the unit parameter...

7.2CVSS5.8AI score0.00379EPSS
Exploits1References1
Rows per page
Query Builder