Lucene search
K

757 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

Claroline 1.5/1.6 toolaccess_details.php tool Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/13407/info Multiple remote input validation vulnerabilities affect Claroline e-Learning Application. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.26 views

Claroline 1.5/1.6 user_access_details.php data Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/13407/info Multiple remote input validation vulnerabilities affect Claroline e-Learning Application. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.10 views

Claroline 1.5/1.6 myagenda.php coursePath Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/13407/info Multiple remote input validation vulnerabilities affect Claroline e-Learning Application. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.25 views

Schoolhos CMS Beta 2.29 (index.php, id parameter) SQL Injection

No description provided by source. Exploit Title: Schoolhos CMS SQL Injetions Google Dork: intext:Schoolhos Free Open Source CMS Date: 22 Oktober 2012 Exploit Author: Cumi++ Vendor Homepage: http://schoolhos.com/ Version: Beta 2.29 Tested on: Ubuntu 12.04...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.34 views

Docebo LMS <= 4.0.4 - (messages) Remote Code Execution

No description provided by source. ?php / Docebo LMS = v4.0.4 messages remote code execution exploit vendor: http://www.docebo.com/ software link: http://www.docebo.com/community/doceboCms/ author: mrme::rwx kru email: steventhomasseeley!gmail!com We must become the change we want to see in the...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2013/09/29 12:0 a.m.17 views

用友某系统存在通用型远程代码执行

简要描述: 详细说明: 用友e-Learning 2.0学习管理系统 搜索特征 inurl:lmsv5/login!loginIndexPage.action 网络实例 http://58.214.233.113:8800/lmsv5/login!loginIndexPage.action http://60.216.4.162:9091/lmsv5/login!loginIndexPage.action http://139.210.99.46:8080/lmsv5/login!loginIndexPage.action http报文特征 爬行目录特征 attestionuserfil...

7.1AI score
Exploits0
0day.today
0day.today
added 2013/08/16 12:0 a.m.33 views

Claroline e-Learning 1.8.1 Privilege Escalation Vulnerability

Due to insufficient permission checking in profile.php any user can assign hem or her self to any organization by issueing a single http request. Claroline users can assign themselves their platform role, leading to possible privilege escalation Description: Due to insufficient permission checkin...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2012/11/02 12:0 a.m.126 views

XSS in dokeos 2.1.1

Exploit Title : Dokeos 2.1.1 Multiple Cross-Site Scripting Vulnerabilities Author:Marcela Benetrix home:www.girlinthemiddle.net Date: 10/17/12 version: 2.1.1 software link:www.dokeos.com Dokeos description Dokeos is an open source e-learning platform programmed in PHP, Javascript and HTML which...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2012/10/22 12:0 a.m.16 views

Schoolhos CMS Beta 2.29 - id SQL Injection

Schoolhos CMS Beta 2.29 - id SQL Injection Exploit Title: Schoolhos CMS SQL Injetions Google Dork: intext:Schoolhos Free Open Source CMS Date: 22 Oktober 2012 Exploit Author: Cumi++ Vendor Homepage: http://schoolhos.com/ Version: Beta 2.29 Tested on: Ubuntu 12.04...

0.3AI score
Exploits0
0day.today
0day.today
added 2011/04/05 12:0 a.m.24 views

DoceboLMS 4.0.4 Multiple Stored XSS Vulnerabilities

Exploit for php platform in category web applications DoceboLMS 4.0.4 Multiple Stored XSS Vulnerabilities function xss1document.forms"xss1".submit; function xss2document.forms"xss2".submit; form action="http://localhost/DoceboLMS404/doceboCore/index.php?modname=preassessment&op=modassessment"...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2011/04/04 12:0 a.m.27 views

DoceboLMS 4.0.4 Cross Site Scripting

DoceboLMS 4.0.4 Multiple Stored XSS Vulnerabilities function xss1document.forms"xss1".submit; function xss2document.forms"xss2".submit; input type="hidden" name="authenticrequest" value="23dfee506a748201730ab2bb7...

7.4AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2011/04/03 12:0 a.m.31 views

DoceboLMS 4.0.4 Multiple Stored XSS Vulnerabilities

Summary DoceboLMS is a SCORM compliant Open Source e-Learning platform used in corporate, government and education markets. Description DoceboLMS suffers from multiple stored XSS vulnerabilities pre and post auth. Input thru the POST parameters 'name', 'code' and 'title' in index.php is not...

6AI score
Exploits0
securityvulns
securityvulns
added 2011/03/09 12:0 a.m.75 views

[DCA-2011-0003]: LMS Web Ensino - Multiple XSS, Session Fixation, CSRF and SQL Injection

DCA-2011-0003 Discussion - DcLabs Security Research Group advises about following vulnerabilityies: Software - LMS Web Ensino Vendor Product Description - Portuguese - O Learning Management System LMS Web Ensino uma ferramenta completa para o gerenciamento e oferta de cursos e treinamentos...

Exploits0
OpenVAS
OpenVAS
added 2011/02/08 12:0 a.m.10 views

Chamilo Detection

This host is running Chamilo, an e-learning portal. OpenVAS Vulnerability Test $Id: gbchamilodetect.nasl 5723 2017-03-24 15:46:34Z cfi $ Chamilo Detection Authors: Michael Meyer Copyright: Copyright c 2011 Greenbone Networks GmbH This program is free software; you can redistribute it and/or modif...

Exploits0References1
NVD
NVD
added 2010/03/10 8:14 p.m.20 views

CVE-2010-0954

SQL injection vulnerability in searchresult.asp in Pre Projects Pre E-Learning Portal allows remote attackers to execute arbitrary SQL commands via the courseID parameter...

7.5CVSS8.4AI score0.01359EPSS
Exploits1References6
Prion
Prion
added 2010/03/10 8:14 p.m.18 views

Sql injection

SQL injection vulnerability in searchresult.asp in Pre Projects Pre E-Learning Portal allows remote attackers to execute arbitrary SQL commands via the courseID parameter...

7.5CVSS9.1AI score0.01359EPSS
Exploits1References6
Cvelist
Cvelist
added 2010/03/09 8:0 p.m.19 views

CVE-2010-0954

SQL injection vulnerability in searchresult.asp in Pre Projects Pre E-Learning Portal allows remote attackers to execute arbitrary SQL commands via the courseID parameter...

8.4AI score0.01359EPSS
Exploits1References6
CVE
CVE
added 2010/03/09 8:0 p.m.38 views

CVE-2010-0954

CVE-2010-0954 corresponds to a SQL injection vulnerability in the Pre Projects Pre E-Learning Portal, specifically in search_result.asp where the course_ID parameter can be exploited to execute arbitrary SQL commands. The connected documents confirm the vulnerability details and affected componen...

7.5CVSS8.7AI score0.01359EPSS
Exploits1References6Affected Software1
exploitpack
exploitpack
added 2010/03/08 12:0 a.m.18 views

Pre E-Learning Portal - search_result.asp SQL Injection

Pre E-Learning Portal - searchresult.asp SQL Injection source: https://www.securityfocus.com/bid/38582/info Pre E-Learning Portal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2010/03/08 12:0 a.m.19 views

Pre E-Learning Portal - &#039;search_result.asp&#039; SQL Injection

source: https://www.securityfocus.com/bid/38582/info Pre E-Learning Portal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access o...

7.4AI score
Exploits0
Rows per page
Query Builder