Lucene search
K

757 matches found

CNVD
CNVD
added 2022/07/21 12:0 a.m.26 views

Moodle arbitrary file reading vulnerability

Moodle is a free and open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment.Moodle suffers from an arbitrary file reading vulnerability, which stems from insufficient path checking and can be exploited by...

7.5CVSS4.3AI score0.49102EPSS
Exploits0References1
OSV
OSV
added 2022/07/20 12:15 p.m.2 views

CVE-2022-2490

A vulnerability classified as critical has been found in SourceCodester Simple E-Learning System 1.0. Affected is an unknown function of the file search.php. The manipulation of the argument classCode with the input 1'||SELECT 0x74666264 WHERE 5610=5610 AND SELECT 7504 FROMSELECT...

8.8CVSS5.7AI score0.00625EPSS
Exploits1References2
OSV
OSV
added 2022/07/20 12:15 p.m.3 views

CVE-2022-2489

A vulnerability was found in SourceCodester Simple E-Learning System 1.0. It has been rated as critical. This issue affects some unknown processing of the file classRoom.php. The manipulation of the argument classCode with the input 1'||SELECT 0x6770715a WHERE 8795=8795 AND SELECT 8342 FROMSELECT...

8.8CVSS5.8AI score
Exploits0References2
NVD
NVD
added 2022/07/20 12:15 p.m.17 views

CVE-2022-2489

A vulnerability was found in SourceCodester Simple E-Learning System 1.0. It has been rated as critical. This issue affects some unknown processing of the file classRoom.php. The manipulation of the argument classCode with the input 1'||SELECT 0x6770715a WHERE 8795=8795 AND SELECT 8342 FROMSELECT...

8.8CVSS0.00625EPSS
Exploits1References2
Prion
Prion
added 2022/07/20 12:15 p.m.12 views

Sql injection

A vulnerability was found in SourceCodester Simple E-Learning System 1.0. It has been rated as critical. This issue affects some unknown processing of the file classRoom.php. The manipulation of the argument classCode with the input 1'||SELECT 0x6770715a WHERE 8795=8795 AND SELECT 8342 FROMSELECT...

6.5CVSS8.9AI score0.00625EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/07/20 12:15 p.m.24 views

Sql injection

A vulnerability classified as critical has been found in SourceCodester Simple E-Learning System 1.0. Affected is an unknown function of the file search.php. The manipulation of the argument classCode with the input 1'||SELECT 0x74666264 WHERE 5610=5610 AND SELECT 7504 FROMSELECT...

6.5CVSS9AI score0.00625EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2022/07/20 11:35 a.m.57 views

CVE-2022-2490

CVE-2022-2490 affects SourceCodester Simple E-Learning System 1.0. The vulnerability is a SQL injection in an unknown function of the file search.php , triggered by manipulating the parameter classCode (example payload includes 1'||(SELECT 0x74666264 …)). Exploitation is possible remotely, and pu...

8.8CVSS7.8AI score0.00625EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/07/20 11:35 a.m.6 views

CVE-2022-2490 SourceCodester Simple E-Learning System search.php sql injection

A vulnerability classified as critical has been found in SourceCodester Simple E-Learning System 1.0. Affected is an unknown function of the file search.php. The manipulation of the argument classCode with the input 1'||SELECT 0x74666264 WHERE 5610=5610 AND SELECT 7504 FROMSELECT...

6.3CVSS7.7AI score0.00625EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/07/20 11:35 a.m.24 views

CVE-2022-2490 SourceCodester Simple E-Learning System search.php sql injection

A vulnerability classified as critical has been found in SourceCodester Simple E-Learning System 1.0. Affected is an unknown function of the file search.php. The manipulation of the argument classCode with the input 1'||SELECT 0x74666264 WHERE 5610=5610 AND SELECT 7504 FROMSELECT...

6.3CVSS9.2AI score0.00625EPSS
Exploits1References2
CVE
CVE
added 2022/07/20 11:35 a.m.51 views

CVE-2022-2489

SourceCodester Simple E-Learning System 1.0 contains a SQL injection in classRoom.php via crafted input of the classCode parameter (e.g., 1'||(SELECT ...)). The vulnerability is remote-exploitable and has a CVSSv3.1 base score of 8.8 (HIGH) per NVD, with high impact on confidentiality, integrity,...

8.8CVSS7.7AI score0.00625EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/07/20 11:35 a.m.4 views

CVE-2022-2489 SourceCodester Simple E-Learning System classRoom.php sql injection

A vulnerability was found in SourceCodester Simple E-Learning System 1.0. It has been rated as critical. This issue affects some unknown processing of the file classRoom.php. The manipulation of the argument classCode with the input 1'||SELECT 0x6770715a WHERE 8795=8795 AND SELECT 8342 FROMSELECT...

6.3CVSS7.6AI score0.00625EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/07/20 11:35 a.m.19 views

CVE-2022-2489 SourceCodester Simple E-Learning System classRoom.php sql injection

A vulnerability was found in SourceCodester Simple E-Learning System 1.0. It has been rated as critical. This issue affects some unknown processing of the file classRoom.php. The manipulation of the argument classCode with the input 1'||SELECT 0x6770715a WHERE 8795=8795 AND SELECT 8342 FROMSELECT...

6.3CVSS9.1AI score0.00625EPSS
Exploits1References2
CNVD
CNVD
added 2022/07/20 12:0 a.m.57 views

Moodle Input Validation Error Vulnerability (CNVD-2022-54911)

Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. moodle suffers from an input validation error vulnerability, which stems from improper input validation and can be exploited by remote...

9.8CVSS5.5AI score0.06441EPSS
Exploits1References1
CNVD
CNVD
added 2022/07/18 12:0 a.m.13 views

Simple e-Learning System Cross-Site Scripting Vulnerability

Simple e-Learning System is a simple e-learning system from Carlo Montero's personal developer. version 1.0 of Simple e-Learning System is vulnerable to a cross-site scripting vulnerability that stems from the lack of a Bio parameter in the file /vcs/claireblake to filter the user-supplied data a...

5.4CVSS2.9AI score0.00479EPSS
Exploits1References1
OSV
OSV
added 2022/07/14 12:15 p.m.2 views

CVE-2022-2396

A vulnerability classified as problematic was found in SourceCodester Simple e-Learning System 1.0. Affected by this vulnerability is an unknown functionality of the file /vcs/claireblake. The manipulation of the argument Bio with the input "alertdocument.cookie leads to cross site scripting. The...

5.4CVSS3.8AI score0.00479EPSS
Exploits1References2
NVD
NVD
added 2022/07/14 12:15 p.m.16 views

CVE-2022-2396

A vulnerability classified as problematic was found in SourceCodester Simple e-Learning System 1.0. Affected by this vulnerability is an unknown functionality of the file /vcs/claireblake. The manipulation of the argument Bio with the input "alertdocument.cookie leads to cross site scripting. The...

5.4CVSS0.00479EPSS
Exploits1References2
Prion
Prion
added 2022/07/14 12:15 p.m.12 views

Cross site scripting

A vulnerability classified as problematic was found in SourceCodester Simple e-Learning System 1.0. Affected by this vulnerability is an unknown functionality of the file /vcs/claireblake. The manipulation of the argument Bio with the input "alertdocument.cookie leads to cross site scripting. The...

4.9CVSS5.3AI score0.00479EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/07/14 12:6 p.m.10 views

CVE-2022-2396 SourceCodester Simple e-Learning System claire_blake cross site scripting

A vulnerability classified as problematic was found in SourceCodester Simple e-Learning System 1.0. Affected by this vulnerability is an unknown functionality of the file /vcs/claireblake. The manipulation of the argument Bio with the input "alertdocument.cookie leads to cross site scripting. The...

3.5CVSS6.4AI score0.00479EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/07/14 12:6 p.m.18 views

CVE-2022-2396 SourceCodester Simple e-Learning System claire_blake cross site scripting

A vulnerability classified as problematic was found in SourceCodester Simple e-Learning System 1.0. Affected by this vulnerability is an unknown functionality of the file /vcs/claireblake. The manipulation of the argument Bio with the input "alertdocument.cookie leads to cross site scripting. The...

3.5CVSS5.5AI score0.00479EPSS
Exploits1References2
CVE
CVE
added 2022/07/14 12:6 p.m.64 views

CVE-2022-2396

CVE-2022-2396 affects SourceCodester Simple e-Learning System 1.0. The vulnerability is an XSS in the /vcs/claire_blake endpoint, triggered by manipulating the Bio parameter with payload like >. Root cause is lack of input filtering on Bio, leading to client-side script execution. Attack can b...

5.4CVSS4.4AI score0.00479EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder