757 matches found
CVE-2024-50827
A SQL Injection vulnerability was found in /admin/addsubject.php in kashipara E-learning Management System Project 1.0 via the subjectcode parameter...
CVE-2024-50833
A SQL Injection vulnerability was found in /login.php in KASHIPARA E-learning Management System Project 1.0 via the username and password parameters...
CVE-2024-50832
A SQL Injection vulnerability was found in /admin/editclass.php in kashipara E-learning Management System Project 1.0 via the classname parameter...
CVE-2024-50837
A Stored Cross-Site Scripting XSS vulnerability was found in /admin/adminuser.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the firstname and username parameters...
Kashipara E-learning Management System 安全漏洞
Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System version 1.0, which is caused by an SQL injection in the parameter classname...
CVE-2024-50828
A SQL Injection vulnerability was found in /admin/editdepartment.php in kashipara E-learning Management System Project 1.0 via the d parameter...
Kashipara E-learning Management System 安全漏洞
Kashipara E-learning Management System is a learning management system from Kashipara. A security vulnerability exists in Kashipara E-learning Management System version 1.0, which originates from an SQL injection in parameter d. The vulnerability is caused by the presence of an SQL injection in...
CVE-2024-50833
Summary: CVE-2024-50833 is a SQL Injection in the KASHIPARA E-learning Management System Project 1.0, exploitable via /login.php using the username and password parameters. The vulnerability affects version 1.0 of the system and is described across multiple feeds, with a high-severity impact (NVD...
Kashipara E-learning Management System 安全漏洞
Kashipara E-learning Management System is a learning management system from Kashipara Inc. A security vulnerability exists in Kashipara E-learning Management System version 1.0, which is rooted in a susceptibility to a stored cross-site scripting attack that allows remote attackers to execute...
PT-2024-34431 · Unknown · Kashipara E-Learning Management System Project
Name of the Vulnerable Software and Affected Versions: KASHIPARA E-learning Management System Project version 1.0 Description: A SQL Injection issue was found in the /login.php file of the KASHIPARA E-learning Management System Project. The issue is related to the username and password parameters...
CVE-2024-50833
A SQL Injection vulnerability was found in /login.php in KASHIPARA E-learning Management System Project 1.0 via the username and password parameters...
CVE-2024-50831
CVE-2024-50831 affects the Kashipara E-learning Management System Project 1.0. A SQL injection vulnerability exists in the admin interface at /admin/admin_user.php, exploitable via the username and password parameters. CVSS data from multiple sources indicate a high-severity impact with potential...
CVE-2024-50824
The CVE-2024-50824 entry concerns Kashipara E-learning Management System Project 1.0, with a SQL Injection in /admin/class.php via the class_name parameter. Affected component is the server-side PHP script handling class_name in the admin interface. The vulnerability allows attackers to manipulat...
CVE-2024-50829
CVE-2024-50829 describes a SQL injection in the Kashipara E-learning Management System Project 1.0. The vulnerability is triggered via the unit parameter in the endpoint /admin/edit_subject.php. Evidence from multiple sources (NVD, Red Hat, CVE lists) confirms the affected component and the injec...
CVE-2024-50838
A Stored Cross-Site Scripting (XSS) vulnerability affects Kashipara E-learning Management System Project 1.0, located in /admin/department.php. The flaw allows remote attackers to inject and execute arbitrary scripts via the d and pi parameters. According to the connected documents, the issue is ...
CVE-2024-50830
Summary: CVE-2024-50830 affects Kashipara E-learning Management System Project 1.0. The vulnerability is a SQL Injection in the admin calendar page: /admin/calendar_of_events.php, exploitable via the date_start, date_end, and title parameters. Affected product/version: Kashipara E-learning Manage...
CVE-2024-50826
Summary of CVE-2024-50826 : The Red/Blue documents describe a SQL injection vulnerability in Kashipara E-learning Management System Project 1.0, exploitable via the title and content parameters of /admin/add_content.php. The underlying issue is unvalidated input used to construct SQL queries, ena...
CVE-2024-50827
CVE-2024-50827 affects Kashipara E-learning Management System Project 1.0. A SQL Injection vulnerability exists in /admin/add_subject.php via the subject_code parameter. The NVD entry lists a high impact (C/H/I/A) with a base score of 7.2 (3.1 vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). Red Hat...
CVE-2024-50825
Kashipara E-learning Management System Project 1.0 contains a SQL Injection in /admin/school_year.php via the school_year parameter. The vulnerability affects the application’s ability to enforce data integrity and confidentiality, with potential impact on confidentiality, integrity, and availabi...
CVE-2024-50835
CVE-2024-50835 is a SQL injection vulnerability in Kashipara E-learning Management System Project 1.0, exploitable via /admin/edit_student.php using the cys, un, ln, fn, and id parameters. The NVD entry lists CVSSv3.1/7.2 HIGH (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H); a CNA entry shows a conflicting...