CVE-2026-22241

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, an arbitrary file upload vulnerability in the theme import functionality enables an attacker with administrative privileges to upload arbitrary files on the server's file system...

CVE-2020-24381

GUnet Open eClass Platform aka openeclass before 3.11 might allow remote attackers to read students' submitted assessments because it does not ensure that the web server blocks directory listings, and the data directory is inside the web root by default...

CVE-2026-22241

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, an arbitrary file upload vulnerability in the theme import functionality enables an attacker with administrative privileges to upload arbitrary files on the server's file system...

CVE-2026-22241

The CVE concerns Open eClass (GUnet eClass) before version 4.2, where an arbitrary file upload vulnerability in the theme import feature allowed an attacker with administrative privileges to place files on the server’s filesystem. The root cause is lack of validation/sanitization of files inside ...

CVE-2026-22241 Open eClass has Unrestricted File Upload that Leads to Remote Code Execution (RCE)

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, an arbitrary file upload vulnerability in the theme import functionality enables an attacker with administrative privileges to upload arbitrary files on the server's file system...

CVE-2026-22241 Open eClass has Unrestricted File Upload that Leads to Remote Code Execution (RCE)

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, an arbitrary file upload vulnerability in the theme import functionality enables an attacker with administrative privileges to upload arbitrary files on the server's file system...

EUVD-2026-1672

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, an arbitrary file upload vulnerability in the theme import functionality enables an attacker with administrative privileges to upload arbitrary files on the server's file system...

CVE-2026-22241 Open eClass has Unrestricted File Upload that Leads to Remote Code Execution (RCE)

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, an arbitrary file upload vulnerability in the theme import functionality enables an attacker with administrative privileges to upload arbitrary files on the server's file system...

Open eClass 安全漏洞

Open eClass is an open source eClass system from Greek Universities Network. A security vulnerability exists in versions of Open eClass prior to 4.2, which stems from a lack of file validation in the theme import feature and could lead to remote code execution...

PT-2026-2178

Name of the Vulnerable Software and Affected Versions Open eClass versions prior to 4.2 Description The Open eClass platform, previously known as GUnet eClass, is a course management system. Prior to version 4.2, a flaw exists in the theme import functionality that allows an attacker with...

EUVD-2019-19240

Malware in sbrugna...

EUVD-2020-17113

Malware in sbrugna...

EUVD-2019-19242

Malware in sbrugna...

EUVD-2019-19241

Malware in sbrugna...

EUVD-2024-37394

Malicious code in bioql PyPI...

EUVD-2022-36169

Malicious code in bioql PyPI...

EUVD-2021-31112

Malicious code in bioql PyPI...

CVE-2024-26503

Unrestricted File Upload vulnerability in Greek Universities Network Open eClass v.3.15 and earlier allows attackers to run arbitrary code via upload of crafted file to certbadge.php endpoint...

CVE-2022-33116

An issue in the jmpath variable in /modules/mindmap/index.php of GUnet Open eClass Platform aka openeclass v3.12.4 and below allows attackers to read arbitrary files via a directory traversal...

CVE-2024-38530

The Open eClass platform formerly known as GUnet eClass is a complete Course Management System. An arbitrary file upload vulnerability in the "save" functionality of the H5P module enables unauthenticated users to upload arbitrary files on the server's filesystem. This may lead in unrestricted RC...