elearning-esperancadelagos.dlc.pt Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1106926 Security Researcher Gh05tPT Helped patch 6901 vulnerabilities Received 10 Coordinated Disclosure badges Received 48 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting...

elearning-script 1.0 - Authentication Bypass

Exploit Title: elearning-script 1.0 - Authentication Bypass Author: riamloo Date: 2019-12-29 Vendor Homepage: https://github.com/amitkolloldey/elearning-script Software Link: https://github.com/amitkolloldey/elearning-script/archive/master.zip Version: 1 CVE: N/A Tested on: Win 10 Discription: E...

elearning-script 1.0 - Authentication Bypass

elearning-script 1.0 - Authentication Bypass Exploit Title: elearning-script 1.0 - Authentication Bypass Author: riamloo Date: 2019-12-29 Vendor Homepage: https://github.com/amitkolloldey/elearning-script Software Link: https://github.com/amitkolloldey/elearning-script/archive/master.zip Version:...

elearning-script 1.0 - Authentication Bypass Vulnerability

Exploit for windows platform in category web applications Exploit Title: elearning-script 1.0 - Authentication Bypass Author: riamloo Vendor Homepage: https://github.com/amitkolloldey/elearning-script Software Link: https://github.com/amitkolloldey/elearning-script/archive/master.zip Version: 1...

elearning-script 1.0 SQL Injection

Exploit Title: elearning-script 1.0 - Authentication Bypass Author: riamloo Date: 2019-12-29 Vendor Homepage: https://github.com/amitkolloldey/elearning-script Software Link: https://github.com/amitkolloldey/elearning-script/archive/master.zip Version: 1 CVE: N/A Tested on: Win 10 Discription: E...

gsiselearning.gsis.com.au Improper Access Control vulnerability

Security Researcher Pseudo-X Helped patch 5 vulnerabilities Received 0 Coordinated Disclosure badges , found a security vulnerability affecting gsiselearning.gsis.com.au website and its users. Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Ope...

CVE-2019-11062

The SUNNET WMPro v5.0 and v5.1 for eLearning system has OS Command Injection via "/teach/course/doajaxfileupload.php". The target server can be exploited without authentication...

Command injection

The SUNNET WMPro v5.0 and v5.1 for eLearning system has OS Command Injection via "/teach/course/doajaxfileupload.php". The target server can be exploited without authentication...

CVE-2019-11062 SUNNET WMPro v5.0 and v5.1 has OS Command Injection

The SUNNET WMPro v5.0 and v5.1 for eLearning system has OS Command Injection via "/teach/course/doajaxfileupload.php". The target server can be exploited without authentication...

CVE-2019-11062

The CVE-2019-11062 entry affects SUNNET WMPro v5.0 and v5.1 for the eLearning system. Affected component: the API endpoint /teach/course/doajaxfileupload.php, where OS Command Injection is possible. Root cause described as unauthenticated remote command execution on the target server. Impact is h...

The vulnerability of the eLearning Server 4G system management and development system lies in the lack of checks on the input data for HTML tags. This allows a malicious individual to alter the main text of web pages or execute arbitrary code in the user’s browser.

The vulnerability of the eLearning Server 4G system management and development system is related to the lack of checks on the input data for the presence of HTML tags including a tag containing JavaScript code. Exploiting this vulnerability could allow an attacker to modify the main text of the...

The vulnerability of the eLearning Server 4G system regarding access control allows a hacker to gain access and modify the user’s portfolio.

The vulnerability of the eLearning Server 4G system management and development framework is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain access—and modify—user portfolios by altering the value of the user identifier in HTTP request...

The vulnerability of the eLearning Server 4G system in terms of access control deficiencies allows an intruder to gain access to the user’s file storage.

The vulnerability of the eLearning Server 4G system for managing learning and development is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain access to the user’s file storage by replacing the parameters of the current user’s identifie...

The vulnerability of the eLearning Server 4G system management and development framework lies in the lack of checks on input data for HTML tags. This allows attackers to alter settings in users’ personal dashboards or execute arbitrary codes.

The vulnerability of the eLearning Server 4G system management and development framework lies in the lack of checks on the input data for the presence of HTML tags, including a tag containing JavaScript code. Exploiting this vulnerability could allow an attacker to modify the settings of a user’s...

elearning.un.org XSS vulnerability

Open Bug Bounty ID: OBB-675494 Description| Value ---|--- Affected Website:| elearning.un.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

elearning.rcgp.org.uk XSS vulnerability

Open Bug Bounty ID: OBB-639516 Description| Value ---|--- Affected Website:| elearning.rcgp.org.uk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

ILIAS < 5.1.27, 5.2.16, 5.3.5 Multiple Vulnerabilities

ILIAS eLearning is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

alrowad.sa XSS vulnerability

Open Bug Bounty ID: OBB-596282 Description| Value ---|--- Affected Website:| alrowad.sa Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

elearning-kompetenzzentrum.de XSS vulnerability

Open Bug Bounty ID: OBB-593523 Description| Value ---|--- Affected Website:| elearning-kompetenzzentrum.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

elearn.eb.com XSS vulnerability

Open Bug Bounty ID: OBB-552767 Description| Value ---|--- Affected Website:| elearn.eb.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...