19 matches found
EUVD-2006-1422
Malware in sbrugna...
CVE-2025-8323
The e-School from Ventem has a Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...
CVE-2025-8323
The e-School from Ventem has a Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...
CVE-2025-8322
The e-School from Ventem has a Missing Authorization vulnerability, allowing remote attackers with regular privilege to access administrator functions, including creating, modifying, and deleting accounts. They can even escalate any account to system administrator privilege...
CVE-2025-8323 Ventem|e-School - Arbitrary File Upload
The e-School from Ventem has a Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...
CVE-2025-8323
The CVE-2025-8323 entry concerns Ventem’s e-School platform, where an Arbitrary File Upload vulnerability allows unauthenticated remote attackers to upload and execute a web shell, enabling arbitrary code execution on the server. The vulnerability is linked to a flaw in the file-upload flow, with...
CVE-2025-8323 Ventem|e-School - Arbitrary File Upload
The e-School from Ventem has a Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...
CVE-2025-8322 Ventem|e-School - Missing Authorization
The e-School from Ventem has a Missing Authorization vulnerability, allowing remote attackers with regular privilege to access administrator functions, including creating, modifying, and deleting accounts. They can even escalate any account to system administrator privilege...
CVE-2025-8322 Ventem|e-School - Missing Authorization
The e-School from Ventem has a Missing Authorization vulnerability, allowing remote attackers with regular privilege to access administrator functions, including creating, modifying, and deleting accounts. They can even escalate any account to system administrator privilege...
CVE-2025-8322
The CVE-2025-8322 entry concerns Ventem’s e-School platform (e-School) with a Missing Authorization vulnerability. Descriptions across multiple sources consistently state that remote attackers operating with regular privileges can access administrator functions—creating, modifying, and deleting a...
Ventem e-School 代码问题漏洞
Ventem e-School is a smart school platform from Feiyu Hi-Tech Ventem of Taiwan, China. A code issue vulnerability exists in Ventem e-School, which originates from the arbitrary file upload feature and could lead to remote code execution...
PT-2025-31375 · Ventem · E-School
Name of the Vulnerable Software and Affected Versions: e-School from Ventem affected versions not specified Description: The e-School from Ventem has an Arbitrary File Upload vulnerability. This allows unauthenticated remote attackers to upload and execute web shell backdoors, enabling arbitrary...
PT-2025-31374 · E-School · E-School
Name of the Vulnerable Software and Affected Versions: e-School affected versions not specified Description: The e-School system contains a missing authorization flaw. This allows remote attackers with regular privileges to access administrator functions, including creating, modifying, and deleti...
Ventem e-School 安全漏洞
Ventem e-School is a smart school platform from Feiyu Hi-Tech Ventem of Taiwan, China. A security vulnerability exists in Ventem e-School, which stems from a lack of authorization checking and could lead to elevated privileges...
CVE-2006-1418
Cross-site scripting XSS vulnerability in default.asp in Caloris Planitia E-School Management System 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in default.asp in Caloris Planitia E-School Management System 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter...
CVE-2006-1418
Cross-site scripting XSS vulnerability in default.asp in Caloris Planitia E-School Management System 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter...
CVE-2006-1418
CVE-2006-1418 is an XSS vulnerability in Caloris Planitia E-School Management System 1.0 and earlier, exploitable via the msg parameter of default.asp. The affected component is the web application’s default.asp page; root cause is improper handling/encoding of user-supplied input leading to scri...
E-School Management System XSS vuln. and Web Quiz pro XSS vuln.
E-School Management System XSS vuln. Vuln. discovered by : r0t Date: 27 march 2006 vendor:www.calorisplanitia.com/e-school-management-system.aspx affected versions: 1.0 and prior orginal advisory: http://pridels.blogspot.com/2006/03/e-school-management-system-xss-vuln.html Vuln. description:...