757 matches found
CVE-2024-50831
A SQL Injection was found in /admin/adminuser.php in kashipara E-learning Management System Project 1.0 via the username and password parameters...
Kashipara E-learning Management System 安全漏洞
Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System version 1.0, which is caused by SQL injection of the parameters username and password...
CVE-2024-50832
A SQL Injection vulnerability was found in /admin/editclass.php in kashipara E-learning Management System Project 1.0 via the classname parameter...
PT-2024-34432 · Unknown · Kashipara E-Learning Management System Project
Name of the Vulnerable Software and Affected Versions: KASHIPARA E-learning Management System Project version 1.0 Description: A SQL Injection issue was discovered in the /admin/teachers.php file of the KASHIPARA E-learning Management System Project. The firstname and lastname parameters are...
CVE-2024-50835
A SQL Injection vulnerability was found in /admin/editstudent.php in KASHIPARA E-learning Management System Project 1.0 via the cys, un, ln, fn, and id parameters...
Kashipara E-learning Management System 安全漏洞
Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System version 1.0, which is caused by SQL injection of the parameters username and password...
Kashipara E-learning Management System 跨站脚本漏洞
Kashipara E-learning Management System is a learning management system from Kashipara Inc. A cross-site scripting vulnerability exists in Kashipara E-learning Management System version 1.0, which is rooted in a stored cross-site scripting attack that allows remote attackers to execute arbitrary...
CVE-2024-50834
A SQL Injection was found in /admin/teachers.php in KASHIPARA E-learning Management System Project 1.0 via the firstname and lastname parameters...
CVE-2024-50830
A SQL Injection vulnerability was found in /admin/calendarofevents.php in kashipara E-learning Management System Project 1.0 via the datestart, dateend, and title parameters...
CVE-2024-50838
A Stored Cross-Site Scripting XSS vulnerability was found in /admin/department.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the d and pi parameters...
PT-2024-34423 · Unknown · Kashipara E-Learning Management System Project
Name of the Vulnerable Software and Affected Versions: kashipara E-learning Management System Project version 1.0 Description: A SQL Injection issue was found in the /admin/school year.php file, specifically via the school year parameter. This allows for potential exploitation. Recommendations: F...
CVE-2024-50834
A SQL Injection was found in /admin/teachers.php in KASHIPARA E-learning Management System Project 1.0 via the firstname and lastname parameters...
CVE-2024-50830
A SQL Injection vulnerability was found in /admin/calendarofevents.php in kashipara E-learning Management System Project 1.0 via the datestart, dateend, and title parameters...
PT-2024-34441 · Unknown · Kashipara E-Learning Management System Project
Name of the Vulnerable Software and Affected Versions: KASHIPARA E-learning Management System Project version 1.0 Description: A Stored Cross-Site Scripting XSS issue was found in the /admin/school year.php endpoint, specifically via the school year parameter. This allows remote attackers to...
PT-2024-34437 · Unknown · Kashipara E-Learning Management System Project
Name of the Vulnerable Software and Affected Versions: KASHIPARA E-learning Management System Project version 1.0 Description: A Stored Cross-Site Scripting XSS issue was discovered in the "/admin/add subject.php" and "/lms/admin/add subject.php" API endpoints, allowing remote attackers to execut...
CVE-2024-50829
A SQL Injection vulnerability was found in /admin/editsubject.php in kashipara E-learning Management System Project 1.0 via the unit parameter...
CVE-2024-50824
A SQL Injection vulnerability was found in /admin/class.php in kashipara E-learning Management System Project 1.0 via the classname parameter...
CVE-2024-50839
A Stored Cross-Site Scripting XSS vulnerability was found in /admin/addsubject.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the subjectcode and title parameters...
CVE-2024-50825
A SQL Injection vulnerability was found in /admin/schoolyear.php in kashipara E-learning Management System Project 1.0 via the schoolyear parameter...
CVE-2024-50829
A SQL Injection vulnerability was found in /admin/editsubject.php in kashipara E-learning Management System Project 1.0 via the unit parameter...