CVE-2019-25320 elearning-script 1.0 - Authentication Bypass

E Learning Script 1.0 contains an authentication bypass vulnerability that allows attackers to access the dashboard without valid credentials by manipulating login parameters. Attackers can exploit the /login.php file by sending a specific payload '=''or' to bypass authentication and gain...

CVE-2019-25320 elearning-script 1.0 - Authentication Bypass

E Learning Script 1.0 contains an authentication bypass vulnerability that allows attackers to access the dashboard without valid credentials by manipulating login parameters. Attackers can exploit the /login.php file by sending a specific payload '=''or' to bypass authentication and gain...

CVE-2019-25320

CVE-2019-25320 affects E Learning Script 1.0. The vulnerability is an authentication bypass in the login mechanism via the /login.php endpoint, where a crafted payload (e.g. "=' or '") allows an attacker to bypass valid credentials and access the dashboard. Per provided metrics, CVSS v3.1 base sc...

CVE-2019-25320

E Learning Script 1.0 contains an authentication bypass vulnerability that allows attackers to access the dashboard without valid credentials by manipulating login parameters. Attackers can exploit the /login.php file by sending a specific payload '=''or' to bypass authentication and gain...

elearning-script SQL注入漏洞

elearning-script is an e-learning blog developed by Amit Kollol Dey. Version 1.0 of elearning-script has a SQL injection vulnerability, which stems from incorrect handling of login parameters in the /login.php file. This vulnerability could lead to authentication bypasses...

EUVD-2020-30942

e-Learning PHP Script 0.1.0 contains a SQL injection vulnerability in the search functionality that allows attackers to manipulate database queries through unvalidated user input. Attackers can inject malicious SQL code in the 'search' parameter to potentially extract, modify, or access sensitive...

elearning-script SQL injection vulnerability

elearning-script is an e-learning blog developed by Amit Kollol Dey. Version 0.1.0 of elearning-script has a SQL injection vulnerability. This vulnerability arises from the lack of validation for user input in the search function, which may lead to SQL injection attacks...

elearning-script 1.0 - Authentication Bypass

Exploit Title: elearning-script 1.0 - Authentication Bypass Author: riamloo Date: 2019-12-29 Vendor Homepage: https://github.com/amitkolloldey/elearning-script Software Link: https://github.com/amitkolloldey/elearning-script/archive/master.zip Version: 1 CVE: N/A Tested on: Win 10 Discription: E...

elearning-script 1.0 - Authentication Bypass

elearning-script 1.0 - Authentication Bypass Exploit Title: elearning-script 1.0 - Authentication Bypass Author: riamloo Date: 2019-12-29 Vendor Homepage: https://github.com/amitkolloldey/elearning-script Software Link: https://github.com/amitkolloldey/elearning-script/archive/master.zip Version:...

elearning-script 1.0 SQL Injection

Exploit Title: elearning-script 1.0 - Authentication Bypass Author: riamloo Date: 2019-12-29 Vendor Homepage: https://github.com/amitkolloldey/elearning-script Software Link: https://github.com/amitkolloldey/elearning-script/archive/master.zip Version: 1 CVE: N/A Tested on: Win 10 Discription: E...