CVE-2026-4574

A vulnerability was detected in SourceCodester Simple E-learning System 1.0. This vulnerability affects unknown code of the component User Profile Update Handler. The manipulation of the argument firstName results in sql injection. It is possible to launch the attack remotely. The exploit is now...

EUVD-2026-14363

A security vulnerability has been detected in SourceCodester Simple E-learning System 1.0. This affects an unknown part of the file /includes/formhandlers/deletepost.php of the component HTTP GET Parameter Handler. The manipulation of the argument postid leads to sql injection. It is possible to...

CVE-2026-4574

A vulnerability was detected in SourceCodester Simple E-learning System 1.0. This vulnerability affects unknown code of the component User Profile Update Handler. The manipulation of the argument firstName results in sql injection. It is possible to launch the attack remotely. The exploit is now...

CVE-2026-4574 SourceCodester Simple E-learning System User Profile Update sql injection

A vulnerability was detected in SourceCodester Simple E-learning System 1.0. This vulnerability affects unknown code of the component User Profile Update Handler. The manipulation of the argument firstName results in sql injection. It is possible to launch the attack remotely. The exploit is now...

CVE-2026-4573

SourceCodester Simple E-learning System 1.0 contains a SQL injection in the HTTP GET parameter handler for delete_post.php (parameter post_id) evaluated by /includes/form_handlers/delete_post.php. This vulnerability allows remote exploitation and is publicly disclosed. The CVSS-derived metrics in...

Simple E-Learning System SQL注入漏洞

Simple E-Learning System is a simple e-learning system developed by Carlo Montero. Version 1.0 of Simple E-Learning System has a SQL injection vulnerability. This vulnerability arises from improper handling of the postid parameter in the HTTP GET Parameter Handler component located in the file...

Simple E-Learning System SQL注入漏洞

Simple E-Learning System is a simple e-learning system developed by Carlo Montero as an individual project. Version 1.0 of Simple E-Learning System has a SQL injection vulnerability. This vulnerability stems from improper handling of the firstName parameter in the User Profile Update Handler...

CVE-2019-25320

CVE-2019-25320 affects E Learning Script 1.0. The vulnerability is an authentication bypass in the login mechanism via the /login.php endpoint, where a crafted payload (e.g. "=' or '") allows an attacker to bypass valid credentials and access the dashboard. Per provided metrics, CVSS v3.1 base sc...

CVE-2019-25320 elearning-script 1.0 - Authentication Bypass

E Learning Script 1.0 contains an authentication bypass vulnerability that allows attackers to access the dashboard without valid credentials by manipulating login parameters. Attackers can exploit the /login.php file by sending a specific payload '=''or' to bypass authentication and gain...

CVE-2019-25320 elearning-script 1.0 - Authentication Bypass

E Learning Script 1.0 contains an authentication bypass vulnerability that allows attackers to access the dashboard without valid credentials by manipulating login parameters. Attackers can exploit the /login.php file by sending a specific payload '=''or' to bypass authentication and gain...

CVE-2019-25320

E Learning Script 1.0 contains an authentication bypass vulnerability that allows attackers to access the dashboard without valid credentials by manipulating login parameters. Attackers can exploit the /login.php file by sending a specific payload '=''or' to bypass authentication and gain...

elearning-script SQL注入漏洞

elearning-script is an e-learning blog developed by Amit Kollol Dey. Version 1.0 of elearning-script has a SQL injection vulnerability, which stems from incorrect handling of login parameters in the /login.php file. This vulnerability could lead to authentication bypasses...

EUVD-2020-30942

e-Learning PHP Script 0.1.0 contains a SQL injection vulnerability in the search functionality that allows attackers to manipulate database queries through unvalidated user input. Attackers can inject malicious SQL code in the 'search' parameter to potentially extract, modify, or access sensitive...

elearning-script SQL injection vulnerability

elearning-script is an e-learning blog developed by Amit Kollol Dey. Version 0.1.0 of elearning-script has a SQL injection vulnerability. This vulnerability arises from the lack of validation for user input in the search function, which may lead to SQL injection attacks...

WordPress Academy LMS plugin <= 3.5.0 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by vgo0 in WordPress Plugin Academy LMS versions = 3.5.0...

WordPress Plugin Academy LMS – WordPress LMS Plugin for a Complete eLearning Solution Security Vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...

PT-2026-3438

A flaw has been found in SourceCodester E-Learning System 1.0. This impacts an unknown function of the file /admin/modules/lesson/index.php of the component Lesson Module Handler. Executing a manipulation of the argument Title/Description can lead to basic cross site scripting. The attack can be...

EUVD-2012-2902

Malware in sbrugna...

EUVD-2021-11096

Malware in sbrugna...

EUVD-2012-2903

Malware in sbrugna...