3 matches found
CVE-2026-25057 Zip Slip in MarkUs config upload allowing RCE
MarkUs is a web application for the submission and grading of student assignments. Prior to 2.9.1, instructors are able to upload a zip file to create an assignment from an exported configuration courses//assignments/uploadconfigfiles. The uploaded zip file entry names are used to create paths to...
PT-2026-7131
MarkUs is a web application for the submission and grading of student assignments. Prior to 2.9.1, the courses//assignments//submissions/html content accepted a select file id parameter to serve SubmissionFile objects containing a record of files submitted by students. This parameter was not...
WordPress IssueM Plugin <= 2.9.0 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin IssueM versions = 2.9.0...