Lucene search
K

757 matches found

CNVD
CNVD
added 2022/11/25 12:0 a.m.40 views

Moodle Policy Tool Cross-Site Scripting Vulnerability

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A cross-site scripting vulnerability exists in Moodle versions 3.9.0 and later, 3.9.18 and earlier, 3.11.0 and later, 3.11.11 and...

6.1CVSS6.8AI score0.00671EPSS
Exploits0References1
CNVD
CNVD
added 2022/11/25 12:0 a.m.30 views

Moodle User Profile Field Cross-Site Scripting Vulnerability

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A cross-site scripting vulnerability exists in Moodle versions 3.11.0 and later, 3.11.1 and earlier, 4.0.0 and later, and 4.0.5 and...

5.4CVSS6.8AI score0.00655EPSS
Exploits0References1
CNVD
CNVD
added 2022/11/09 12:0 a.m.20 views

Simple E-Learning System Information Disclosure Vulnerability

Simple E-Learning System is a simple e-learning system from Carlo Montero's personal developer. version v1.0 of Simple E-Learning System is vulnerable to information disclosure, which can be exploited by attackers to read arbitrary files resulting in information disclosure...

7.5CVSS3.2AI score0.00706EPSS
Exploits1References1
OSV
OSV
added 2022/11/07 3:15 p.m.6 views

CVE-2022-43319

An information disclosure vulnerability in the component vcs/downloadFiles.php?download=./search.php of Simple E-Learning System v1.0 allows attackers to read arbitrary files...

7.5CVSS5.8AI score0.00706EPSS
Exploits1References1
NVD
NVD
added 2022/11/07 3:15 p.m.16 views

CVE-2022-43319

An information disclosure vulnerability in the component vcs/downloadFiles.php?download=./search.php of Simple E-Learning System v1.0 allows attackers to read arbitrary files...

7.5CVSS0.00706EPSS
Exploits1References1
Prion
Prion
added 2022/11/07 3:15 p.m.16 views

Information disclosure

An information disclosure vulnerability in the component vcs/downloadFiles.php?download=./search.php of Simple E-Learning System v1.0 allows attackers to read arbitrary files...

5CVSS7.1AI score0.00706EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2022/11/07 12:0 a.m.3 views

Simple E-Learning System 安全漏洞

Simple E-Learning System is a simple e-learning system from Carlo Montero's personal developer. version v1.0 of Simple E-Learning System is vulnerable to information disclosure, which can be exploited by attackers to read arbitrary files resulting in information disclosure...

7.5CVSS6.5AI score0.00706EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/11/07 12:0 a.m.8 views

CVE-2022-43319

An information disclosure vulnerability in the component vcs/downloadFiles.php?download=./search.php of Simple E-Learning System v1.0 allows attackers to read arbitrary files...

7.2AI score0.00706EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/11/07 12:0 a.m.7 views

PT-2022-26845 · Unknown · Simple E-Learning System

Name of the Vulnerable Software and Affected Versions: Simple E-Learning System version 1.0 Description: An information disclosure issue exists in the component "vcs/downloadFiles.php?download=./search.php" of Simple E-Learning System, allowing attackers to read arbitrary files. Recommendations:...

7.5CVSS7.1AI score0.00706EPSS
Exploits1References5
Cvelist
Cvelist
added 2022/11/07 12:0 a.m.11 views

CVE-2022-43319

An information disclosure vulnerability in the component vcs/downloadFiles.php?download=./search.php of Simple E-Learning System v1.0 allows attackers to read arbitrary files...

7.3AI score0.00706EPSS
Exploits1References1
CVE
CVE
added 2022/11/07 12:0 a.m.71 views

CVE-2022-43319

CVE-2022-43319 affects Simple E-Learning System v1.0. The vulnerability resides in the endpoint vcs/downloadFiles.php?download=./search.php, enabling an attacker to read arbitrary files and thus disclose confidential data. The reported impact is High confidentiality loss (CVSS v3.1: AV:N/AC:L/PR:...

7.5CVSS7.1AI score0.00706EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2022/10/10 12:0 a.m.16 views

Simple E-Learning System SQL Injection Vulnerability (CNVD-2022-68282)

Simple E-Learning System is a simple e-learning system. version 1.0 of Simple E-Learning System is vulnerable to SQL injection, which stems from the presence of SQL injection in classCode. No detailed vulnerability details are available at this time...

9.8CVSS3.1AI score0.00872EPSS
Exploits1References1
NVD
NVD
added 2022/10/07 11:15 a.m.30 views

CVE-2022-40872

An SQL injection vulnerability issue was discovered in Sourcecodester Simple E-Learning System 1.0., in /vcs/classRoom.php?classCode=, classCode...

9.8CVSS0.00872EPSS
Exploits1References2
Prion
Prion
added 2022/10/07 11:15 a.m.15 views

Sql injection

An SQL injection vulnerability issue was discovered in Sourcecodester Simple E-Learning System 1.0., in /vcs/classRoom.php?classCode=, classCode...

7.5CVSS9.7AI score0.00872EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/10/07 12:0 a.m.27 views

CVE-2022-40872

An SQL injection vulnerability issue was discovered in Sourcecodester Simple E-Learning System 1.0., in /vcs/classRoom.php?classCode=, classCode...

10AI score0.00872EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2022/10/07 12:0 a.m.4 views

CVE-2022-40872

An SQL injection vulnerability issue was discovered in Sourcecodester Simple E-Learning System 1.0., in /vcs/classRoom.php?classCode=, classCode...

7.9AI score0.00872EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/10/07 12:0 a.m.4 views

Simple E-Learning System SQL注入漏洞

Simple E-Learning System is a simple e-learning system. version 1.0 of Simple E-Learning System is vulnerable to SQL injection, which stems from the presence of SQL injection in classCode. No detailed vulnerability details are available at this time...

9.8CVSS7.8AI score0.00872EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/10/07 12:0 a.m.4 views

PT-2022-25597 · Unknown · Sourcecodester Simple E-Learning System

Name of the Vulnerable Software and Affected Versions: Sourcecodester Simple E-Learning System version 1.0 Description: A SQL injection issue was found in the /vcs/classRoom.php endpoint, specifically with the classCode parameter. This allows for potential SQL injection attacks. Recommendations:...

9.8CVSS9.6AI score0.00872EPSS
Exploits1References5
CVE
CVE
added 2022/10/07 12:0 a.m.63 views

CVE-2022-40872

Sourcecodester Simple E-Learning System 1.0 is affected by an SQL injection in the /vcs/classRoom.php?classCode= endpoint. The root cause is unsafely handling the classCode parameter, enabling an attacker to induce high-severity impact to confidentiality, integrity, and availability (CVSS v3.1: 9...

9.8CVSS9.8AI score0.00872EPSS
Exploits1References2Affected Software1
Openbugbounty
Openbugbounty
added 2022/09/13 10:48 a.m.13 views

e-learning.alepuniv.edu.sy Cross Site Scripting vulnerability OBB-2916955

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Rows per page
Query Builder