CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

ATTACKERKB•added 2026/01/30 4:16 p.m.•2 views

CVE-2020-36998

Forma.lms The E-Learning Suite 2.3.0.2 contains a persistent cross-site scripting vulnerability in multiple course and profile parameters. Attackers can inject malicious scripts in course code, name, description fields, and email parameter to execute arbitrary JavaScript without proper input...

6.4CVSS6AI score0.00055EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-19338

Malware in sbrugna...

8.8CVSS8.6AI score0.00138EPSS

Exploits1References2

RedhatCVE•added 2025/05/22 4:34 p.m.•4 views

CVE-2020-26802

forma.lms 2.3.0.2 is affected by Cross Site Request Forgery CSRF in formalms/appCore/index.php?r=lms/profile/show≈=saveinfo via a GET request to change the admin email address in order to accomplish an account takeover...

8.8CVSS7AI score0.00138EPSS

Exploits1

NVD•added 2020/10/08 5:15 p.m.•11 views

CVE-2020-26802

forma.lms 2.3.0.2 is affected by Cross Site Request Forgery CSRF in formalms/appCore/index.php?r=lms/profile/show&ap=saveinfo via a GET request to change the admin email address in order to accomplish an account takeover...

8.8CVSS0.00138EPSS

Exploits1References1

Prion•added 2020/10/08 5:15 p.m.•16 views

Cross site request forgery (csrf)

6.8CVSS8.6AI score0.00138EPSS

Exploits1References1Affected Software1

Cvelist•added 2020/10/08 4:38 p.m.•15 views

CVE-2020-26802

8.7AI score0.00138EPSS

Exploits1References1

CVE•added 2020/10/08 4:38 p.m.•47 views

CVE-2020-26802

The CVE-2020-26802 entry affects forma.lms 2.3.0.2, where a Cross Site Request Forgery (CSRF) vulnerability is exploitable through a GET request to formalms/appCore/index.php?r=lms/profile/show&ap=saveinfo to change the admin email address and potentially take over the account. The issue is docum...

8.8CVSS8.6AI score0.00138EPSS

Exploits1References1Affected Software1

0day.today•added 2020/05/19 12:0 a.m.•49 views

forma.lms The E-Learning Suite 2.3.0.2 - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: forma.lms The E-Learning Suite 2.3.0.2 - Persistent Cross-Site Scripting Exploit Author: Daniel Ortiz Vendor Homepage: https://sourceforge.net/projects/forma/ Software link:...

7.1AI score

Exploits0

Packet Storm•added 2020/05/18 12:0 a.m.•157 views

Forma.LMS The E-Learning Suite 2.3.0.2 Cross Site Scripting

Exploit Title: forma.lms The E-Learning Suite 2.3.0.2 - Persistent Cross-Site Scripting Date: 2020-05-15 Exploit Author: Daniel Ortiz Vendor Homepage: https://sourceforge.net/projects/forma/ Software link: https://sourceforge.net/projects/forma/files/latest/download Tested on: XAMPP for Linux 64b...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by