CVE-2026-24670 Open eClass Has Broken Access Control in Course Units Module Allows Students to Create Units

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a broken access control vulnerability allows authenticated students to create new course units, an action normally restricted to higher-privileged roles. This issue has been patch...

EUVD-2026-5239

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a broken access control vulnerability allows authenticated students to create new course units, an action normally restricted to higher-privileged roles. This issue has been patch...

CVE-2026-24670 Open eClass Has Broken Access Control in Course Units Module Allows Students to Create Units

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a broken access control vulnerability allows authenticated students to create new course units, an action normally restricted to higher-privileged roles. This issue has been patch...

CVE-2026-24670

The CVE-2026-24670 entry covers the Open eClass platform (formerly GUnet eClass). Affected versions are those prior to 4.2 where a broken access control vulnerability permits authenticated students to create new course units, an action normally restricted to higher-privilege roles. The issue has ...

CVE-2026-24670

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a broken access control vulnerability allows authenticated students to create new course units, an action normally restricted to higher-privileged roles. This issue has been patch...

CVE-2026-24670 Open eClass Has Broken Access Control in Course Units Module Allows Students to Create Units

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a broken access control vulnerability allows authenticated students to create new course units, an action normally restricted to higher-privileged roles. This issue has been patch...

CVE-2026-24664 Open eClass is Vulnerable to Username Enumeration via Login Response Discrepancies

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a username enumeration vulnerability allows unauthenticated attackers to identify valid user accounts by analyzing differences in the login response behavior. This issue has been...

CVE-2026-24664 Open eClass is Vulnerable to Username Enumeration via Login Response Discrepancies

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a username enumeration vulnerability allows unauthenticated attackers to identify valid user accounts by analyzing differences in the login response behavior. This issue has been...

CVE-2026-24664

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a username enumeration vulnerability allows unauthenticated attackers to identify valid user accounts by analyzing differences in the login response behavior. This issue has been...

CVE-2026-24664

Open eClass (formerly GUnet eClass) is affected prior to version 4.2 by a username enumeration issue where unauthenticated attackers can determine valid accounts by observing differences in login responses. The vulnerability specifically involves the login workflow, including the /login endpoint,...

EUVD-2026-5240

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a username enumeration vulnerability allows unauthenticated attackers to identify valid user accounts by analyzing differences in the login response behavior. This issue has been...

CVE-2026-24664 Open eClass is Vulnerable to Username Enumeration via Login Response Discrepancies

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a username enumeration vulnerability allows unauthenticated attackers to identify valid user accounts by analyzing differences in the login response behavior. This issue has been...

CVE-2020-37112

CVE-2020-37112 affects GUnet OpenEclass 1.7.3. The provided documents describe multiple SQL injection vulnerabilities in the agenda module and other endpoints, exploitable by authenticated attackers to manipulate queries and extract sensitive data via error-based or time-based techniques (via the...

EUVD-2020-30983

GUnet OpenEclass 1.7.3 contains multiple SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries through unvalidated parameters. Attackers can exploit the 'month' parameter in the agenda module and other endpoints to extract sensitive database information...

PT-2026-6197

Name of the Vulnerable Software and Affected Versions Open eClass versions prior to 4.2 Description The Open eClass platform, previously known as GUnet eClass, is a course management system. A stored Cross-Site Scripting XSS issue exists in versions before 4.2, enabling authenticated students to...

PT-2026-6202

Name of the Vulnerable Software and Affected Versions Open eClass versions prior to 4.2 Description The Open eClass platform, previously known as GUnet eClass, is a course management system. A broken access control issue permits authenticated students to create new course units, a function...

Open eClass 跨站脚本漏洞

Open eClass is an open-source e-classroom system developed by the Greek Universities Network. Versions of Open eClass prior to 4.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from the storage of cross-site scripts in user profile fields, which could allow...

Open eClass 代码问题漏洞

Open eClass is an open-source e-classroom system developed by the Greek Universities Network. Versions of Open eClass prior to 4.2 had code vulnerabilities; these vulnerabilities stemmed from a bypass in file upload validation, allowing attackers to upload files with prohibited extensions using Z...

Open eClass 安全漏洞

Open eClass is an open-source e-classroom system developed by the Greek Universities Network. Versions of Open eClass prior to 4.2 contained security vulnerabilities; these vulnerabilities stemmed from username enumeration, which could lead to the identification of valid user accounts...

PT-2026-6205

Name of the Vulnerable Software and Affected Versions Open eClass versions prior to 4.2 Description The Open eClass platform, previously known as GUnet eClass, is a course management system. A file upload validation bypass allows attackers to upload files with restricted extensions by including...