Lucene search
K

757 matches found

Cvelist
Cvelist
added 2024/05/17 1:43 p.m.25 views

CVE-2024-34919

An arbitrary file upload vulnerability in the component \modstudent\controller.php of Pisay Online E-Learning System using PHP/MySQL v1.0 allows attackers to execute arbitrary code via uploading a crafted file...

7.4AI score0.00852EPSS
Exploits0References1
NVD
NVD
added 2024/04/30 11:15 p.m.16 views

CVE-2024-4349

A vulnerability has been found in SourceCodester Pisay Online E-Learning System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /lesson/controller.php. The manipulation of the argument file leads to unrestricted upload. The attack can be...

7.5CVSS7.3AI score0.01035EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/04/30 11:0 p.m.11 views

CVE-2024-4349 SourceCodester Pisay Online E-Learning System controller.php unrestricted upload

A vulnerability has been found in SourceCodester Pisay Online E-Learning System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /lesson/controller.php. The manipulation of the argument file leads to unrestricted upload. The attack can be...

7.5CVSS6.9AI score0.01035EPSS
Exploits1References4
CVE
CVE
added 2024/04/30 11:0 p.m.83 views

CVE-2024-4349

CVE-2024-4349 affects SourceCodester Pisay Online E-Learning System 1.0. The vulnerability lies in the /lesson/controller.php file where manipulating the file parameter leads to unrestricted uploads. It can be exploited remotely, and publicly disclosed exploit information exists (VDB-262489). Rem...

7.5CVSS6.8AI score0.01035EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2024/04/30 11:0 p.m.26 views

CVE-2024-4349 SourceCodester Pisay Online E-Learning System controller.php unrestricted upload

A vulnerability has been found in SourceCodester Pisay Online E-Learning System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /lesson/controller.php. The manipulation of the argument file leads to unrestricted upload. The attack can be...

7.5CVSS7.5AI score0.01035EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/04/30 12:0 a.m.3 views

Pisay Online E-Learning System 代码问题漏洞

Sourcecodester Pisay Online E-Learning System is an online e-learning system based on PHP and MySQL. A code issue vulnerability exists in Pisay Online E-Learning System version 1.0, which stems from the parameter file in the file /lesson/controller.php that can lead to unrestricted uploads...

7.5CVSS7.1AI score0.01035EPSS
Exploits1References6
Exploit DB
Exploit DB
added 2024/04/12 12:0 a.m.365 views

GUnet OpenEclass E-learning platform 3.15 - 'certbadge.php' Unrestricted File Upload

Exploit Title: GUnet OpenEclass E-learning platform 3.15 - 'certbadge.php' Unrestricted File Upload Date: 2024-02-04 Exploit Author: Georgios Tsimpidas Vendor Homepage: https://www.openeclass.org/ Software Link: https://download.openeclass.org/files/3.15/ Version: 3.15 2024 Tested on: Debian Kali...

9.8CVSS6.7AI score0.03821EPSS
Exploits6
GithubExploit
GithubExploit
added 2024/04/11 1:48 p.m.422 views

Exploit for Unrestricted Upload of File with Dangerous Type in Openeclass

CVE-2024-31777 | GUnet OpenEclass E-learning platform Unrestri...

9.8CVSS10AI score0.03821EPSS
Exploits6
0day.today
0day.today
added 2024/04/11 12:0 a.m.318 views

GUnet OpenEclass E-learning 3.15 File Upload / Command Execution Exploit

GUnet OpenEclass E-learning platform version 3.15 suffers from an unrestricted file upload vulnerability in certbadge.php that allows for remote command execution. import requests import argparse import zipfile import os import sys RED = '\03391m' GREEN = '\03392m' YELLOW = '\03393m' RESET =...

9.8CVSS7.7AI score0.03821EPSS
Exploits6
CNVD
CNVD
added 2024/03/14 12:0 a.m.17 views

Moodle Denial of Service Vulnerability (CNVD-2024-13538)

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A denial-of-service vulnerability exists in Moodle, which stems from insufficient file size checking, and can be exploited by an attack...

7.5CVSS6.6AI score0.00944EPSS
Exploits0References1
Prion
Prion
added 2024/03/11 8:15 p.m.34 views

Design/Logic Flaw

OpenOlat is an open source web-based e-learning platform for teaching, learning, assessment and communication. By manually manipulating http requests when using the draw.io integration it is possible to read arbitrary files as the configured system user and SSRF. The problem is fixed in version...

4.6CVSS4.8AI score0.00431EPSS
Exploits0References3
CVE
CVE
added 2024/03/11 7:38 p.m.103 views

CVE-2024-28198

OpenOLAT contains an XXE/SSRF vulnerability in the draw.io integration that allows an attacker to read arbitrary files as the system user by manipulating HTTP requests. Affected versions are OpenOLAT prior to 18.1.6 and prior to 18.2.2. The issue is fixed in 18.1.6 and 18.2.2; users should upgrad...

7.5CVSS4.7AI score0.00431EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/03/11 7:38 p.m.23 views

CVE-2024-28198 XML external entity (XXE) injection in OpenOLAT

OpenOlat is an open source web-based e-learning platform for teaching, learning, assessment and communication. By manually manipulating http requests when using the draw.io integration it is possible to read arbitrary files as the configured system user and SSRF. The problem is fixed in version...

4.6CVSS5AI score0.00431EPSS
Exploits0References5
Openbugbounty
Openbugbounty
added 2024/02/19 8:5 p.m.14 views

e-learning.ippo.kubg.edu.ua Cross Site Scripting vulnerability OBB-3855046

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
CNNVD
CNNVD
added 2023/10/18 12:0 a.m.3 views

Moodle Security Breach

Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. A security vulnerability exists in Moodle. No information about this vulnerability is available at this time, please stay tuned to CNN...

5.3CVSS6.5AI score0.00538EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/10/18 12:0 a.m.5 views

Moodle Security Breach

Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. A security vulnerability exists in Moodle. No information about this vulnerability is available at this time, please stay tuned to CNN...

5.3CVSS6.5AI score0.0056EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/10/18 12:0 a.m.3 views

Moodle Security Breach

Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. A security vulnerability exists in Moodle. No information about this vulnerability is available at this time, please stay tuned to CNN...

6.1CVSS6.5AI score0.00506EPSS
Exploits0References5
Openbugbounty
Openbugbounty
added 2023/10/15 1:6 p.m.15 views

e-learning.igacloud.net Cross Site Scripting vulnerability OBB-3751046

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
WPVulnDB
WPVulnDB
added 2023/10/12 12:0 a.m.11 views

CLUEVO LMS, E-Learning Platform < 1.11.0 - Settings Update via CSRF

Description The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

8.8CVSS6.4AI score0.00214EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/06 2:51 p.m.12 views

CVE-2023-40607 WordPress CLUEVO LMS, E-Learning Platform Plugin <= 1.10.0 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in CLUEVO CLUEVO LMS, E-Learning Platform plugin = 1.10.0 versions...

4.3CVSS7.4AI score0.00214EPSS
Exploits0References1
Rows per page
Query Builder