757 matches found
Moodle arbitrary file reading vulnerability
Moodle is a free and open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment.Moodle suffers from an arbitrary file reading vulnerability, which stems from insufficient path checking and can be exploited by...
CVE-2022-2490
A vulnerability classified as critical has been found in SourceCodester Simple E-Learning System 1.0. Affected is an unknown function of the file search.php. The manipulation of the argument classCode with the input 1'||SELECT 0x74666264 WHERE 5610=5610 AND SELECT 7504 FROMSELECT...
CVE-2022-2489
A vulnerability was found in SourceCodester Simple E-Learning System 1.0. It has been rated as critical. This issue affects some unknown processing of the file classRoom.php. The manipulation of the argument classCode with the input 1'||SELECT 0x6770715a WHERE 8795=8795 AND SELECT 8342 FROMSELECT...
CVE-2022-2489
A vulnerability was found in SourceCodester Simple E-Learning System 1.0. It has been rated as critical. This issue affects some unknown processing of the file classRoom.php. The manipulation of the argument classCode with the input 1'||SELECT 0x6770715a WHERE 8795=8795 AND SELECT 8342 FROMSELECT...
Sql injection
A vulnerability was found in SourceCodester Simple E-Learning System 1.0. It has been rated as critical. This issue affects some unknown processing of the file classRoom.php. The manipulation of the argument classCode with the input 1'||SELECT 0x6770715a WHERE 8795=8795 AND SELECT 8342 FROMSELECT...
Sql injection
A vulnerability classified as critical has been found in SourceCodester Simple E-Learning System 1.0. Affected is an unknown function of the file search.php. The manipulation of the argument classCode with the input 1'||SELECT 0x74666264 WHERE 5610=5610 AND SELECT 7504 FROMSELECT...
CVE-2022-2490
CVE-2022-2490 affects SourceCodester Simple E-Learning System 1.0. The vulnerability is a SQL injection in an unknown function of the file search.php , triggered by manipulating the parameter classCode (example payload includes 1'||(SELECT 0x74666264 …)). Exploitation is possible remotely, and pu...
CVE-2022-2490 SourceCodester Simple E-Learning System search.php sql injection
A vulnerability classified as critical has been found in SourceCodester Simple E-Learning System 1.0. Affected is an unknown function of the file search.php. The manipulation of the argument classCode with the input 1'||SELECT 0x74666264 WHERE 5610=5610 AND SELECT 7504 FROMSELECT...
CVE-2022-2490 SourceCodester Simple E-Learning System search.php sql injection
A vulnerability classified as critical has been found in SourceCodester Simple E-Learning System 1.0. Affected is an unknown function of the file search.php. The manipulation of the argument classCode with the input 1'||SELECT 0x74666264 WHERE 5610=5610 AND SELECT 7504 FROMSELECT...
CVE-2022-2489
SourceCodester Simple E-Learning System 1.0 contains a SQL injection in classRoom.php via crafted input of the classCode parameter (e.g., 1'||(SELECT ...)). The vulnerability is remote-exploitable and has a CVSSv3.1 base score of 8.8 (HIGH) per NVD, with high impact on confidentiality, integrity,...
CVE-2022-2489 SourceCodester Simple E-Learning System classRoom.php sql injection
A vulnerability was found in SourceCodester Simple E-Learning System 1.0. It has been rated as critical. This issue affects some unknown processing of the file classRoom.php. The manipulation of the argument classCode with the input 1'||SELECT 0x6770715a WHERE 8795=8795 AND SELECT 8342 FROMSELECT...
CVE-2022-2489 SourceCodester Simple E-Learning System classRoom.php sql injection
A vulnerability was found in SourceCodester Simple E-Learning System 1.0. It has been rated as critical. This issue affects some unknown processing of the file classRoom.php. The manipulation of the argument classCode with the input 1'||SELECT 0x6770715a WHERE 8795=8795 AND SELECT 8342 FROMSELECT...
Moodle Input Validation Error Vulnerability (CNVD-2022-54911)
Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. moodle suffers from an input validation error vulnerability, which stems from improper input validation and can be exploited by remote...
Simple e-Learning System Cross-Site Scripting Vulnerability
Simple e-Learning System is a simple e-learning system from Carlo Montero's personal developer. version 1.0 of Simple e-Learning System is vulnerable to a cross-site scripting vulnerability that stems from the lack of a Bio parameter in the file /vcs/claireblake to filter the user-supplied data a...
CVE-2022-2396
A vulnerability classified as problematic was found in SourceCodester Simple e-Learning System 1.0. Affected by this vulnerability is an unknown functionality of the file /vcs/claireblake. The manipulation of the argument Bio with the input "alertdocument.cookie leads to cross site scripting. The...
CVE-2022-2396
A vulnerability classified as problematic was found in SourceCodester Simple e-Learning System 1.0. Affected by this vulnerability is an unknown functionality of the file /vcs/claireblake. The manipulation of the argument Bio with the input "alertdocument.cookie leads to cross site scripting. The...
Cross site scripting
A vulnerability classified as problematic was found in SourceCodester Simple e-Learning System 1.0. Affected by this vulnerability is an unknown functionality of the file /vcs/claireblake. The manipulation of the argument Bio with the input "alertdocument.cookie leads to cross site scripting. The...
CVE-2022-2396 SourceCodester Simple e-Learning System claire_blake cross site scripting
A vulnerability classified as problematic was found in SourceCodester Simple e-Learning System 1.0. Affected by this vulnerability is an unknown functionality of the file /vcs/claireblake. The manipulation of the argument Bio with the input "alertdocument.cookie leads to cross site scripting. The...
CVE-2022-2396 SourceCodester Simple e-Learning System claire_blake cross site scripting
A vulnerability classified as problematic was found in SourceCodester Simple e-Learning System 1.0. Affected by this vulnerability is an unknown functionality of the file /vcs/claireblake. The manipulation of the argument Bio with the input "alertdocument.cookie leads to cross site scripting. The...
CVE-2022-2396
CVE-2022-2396 affects SourceCodester Simple e-Learning System 1.0. The vulnerability is an XSS in the /vcs/claire_blake endpoint, triggered by manipulating the Bio parameter with payload like >. Root cause is lack of input filtering on Bio, leading to client-side script execution. Attack can b...