CVE-2026-8207

Gibbon versions before v30.0.01 are affected by an authenticated SQL Injection vulnerability by abusing the Tracking/graphing https://github.com/GibbonEdu/core/blob/c431e25fdc874adece5d2dc7e408e9aa2d1abadb/modules/Tracking/graphing.phpL145 feature. Successful exploitation requires Teacher or high...

CVE-2025-7708

Insertion of Sensitive Information Into Sent Data vulnerability in Atlas Educational Software Industry Ltd. Co. K12net allows Communication Channel Manipulation.This issue affects k12net: through 09022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...

CVE-2025-7708 Sensitive Data Exposure in Atlas Software's k12net

Insertion of Sensitive Information Into Sent Data vulnerability in Atlas Educational Software Industry Ltd. Co. K12net allows Communication Channel Manipulation. This issue affects k12net: through 09022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...

CVE-2025-11551

A vulnerability was determined in code-projects Student Result Manager 1.0. This affects an unknown function of the file src/students/Database.java. This manipulation of the argument roll/name/gpa causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly...

CVE-2025-8346 Portabilis i-Educar educar_aluno_lst.php cross site scripting

A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.10. Affected by this issue is some unknown functionality of the file /educaralunolst.php. The manipulation of the argument refcodmatricula with the input " leads to cross site scripting. The attack may b...

Open Solutions For Education OS4Ed OpenSIS 安全漏洞

Open Solutions For Education OS4Ed OpenSIS is commercial grade, secure, scalable and intuitive student information system, school management software from Open Solutions For Education, USA. Has all the features to run single or multiple organizations in one installation. Web-based, php code, MySQ...

Open Solutions For Education OS4Ed OpenSIS SQL注入漏洞

Open Solutions For Education OS4Ed OpenSIS is commercial grade, secure, scalable and intuitive student information system, school management software from Open Solutions For Education, USA. With all the features to run single or multiple organizations in one installation. Web-based, php code, MyS...

INE Secures Spot in G2’s 2025 Top 50 Education Software Rankings

Cary, NC, 25th February 2025, CyberNewsWire...

MAL-2025-650 Malicious code in educationpurpose (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

Open Solutions For Education OpenSis-Classic 安全漏洞

Open Solutions For Education OpenSis-Classic is an open source commercial-grade, secure, scalable and intuitive student information system, school management software from Open Solutions For Education, USA. A security vulnerability exists in Open Solutions For Education OpenSis-Classic v9.1. An...

Idea IdeaLMS Cross-Site Scripting Vulnerability

IdeaLMS is an educational and learning management software from Idea. A cross-site scripting vulnerability exists in Idea IdeaLMS version 2022, which can be exploited by an attacker to execute JavaScript code on the client side...

Finding 0-days with Jackalope

ARCHIVED STORY Finding 0-days with Jackalope By Douglas McKee · September 16, 2021 Overview On March 21st, 2021, the McAfee Enterprise Advanced Threat Research ATR team released several vulnerabilities it discovered in the Netop Vision Pro Education software, a popular schooling software used by...

Zhengzhou Weixia Computer Technology Co., Ltd. learning platform has a logic flaw vulnerability

Zhengzhou Weixia Computer Technology Co., Ltd. is a company mainly engaged in the development of online education software. Zhengzhou Weixia Computer Technology Co., Ltd. learning platform has a logic flaw vulnerability that can be exploited by attackers to bypass the authentication mechanism to...

SQL Injection Vulnerability in the Website Building System of Anhui Fishing Blue Education Software Technology Co.

Anhui Fishing Blue Education Software Technology Co., Ltd. is a science and technology enterprise specializing in secondary vocational education technology research and education informatization software research and development. There is a SQL injection vulnerability in the website building syst...

SQL Injection Vulnerability in the Website Building System of Anhui Fishing Blue Education Software Technology Co.

Anhui Fishing Blue Education Software Technology Co., Ltd. is a science and technology enterprise specializing in secondary vocational education technology research and education informatization software research and development. There is a SQL injection vulnerability in the website building syst...

Logical flaws exist in the comprehensive information management platform of vocational schools of Sichuan Wanbo Education Software Co.

Sichuan Wanbo Education Software Company Limited was founded on February 16, 2015 . The company's business scope includes: the following scope does not include pre-licensed items, post-licensed items with permits or approval documents software and information technology services, social and...

File Upload Vulnerability in Nanjing Guanbang Network Technology Co.

Nanjing Guanbang Network Technology Co., Ltd. was founded in September 2004, is a private software enterprise through the Jiangsu Provincial Information Industry Department of double-soft recognition. It is mainly engaged in the research and development and sales of education and teaching softwar...

SQL Injection Vulnerability in UFIDA GRP-U8 Higher Education Internal Control Management Software of Beijing UFIDA Administrative Software Co.

Beijing UFIDA Government Software Co., Ltd. was jointly established by UFIDA Group and the Institute of Fiscal Science of the Ministry of Finance, and is an all-around business management informatization solution provider for government departments, institutions and non-profit organizations. A SQ...

SQL Injection Vulnerability in Personnel Payroll System of School Worry Free Software Technology Co. Ltd (CNVD-2020-45140)

School Worry-free Software Technology Co., Ltd. is a high-tech development team engaged in the research and system development of educational software teaching applications. A SQL injection vulnerability exists in the personnel payroll system of SchoolWorryFree Software Technology Limited, which...

File upload vulnerability in the website building system of Anhui Fishing Blue Education Software Technology Co.

Anhui Fishing Blue Education Software Technology Co., Ltd. is a science and technology enterprise specializing in secondary vocational education technology research and education informatization software research and development, and is one of the first batch of listed enterprises in Anhui Provin...