21 matches found
PT-2026-25769
An authenticated arbitrary file upload vulnerability in the Courses/Work Assignments module of gunet Open eClass v3.11, and fixed in v3.13, allows attackers to execute arbitrary code via uploading a crafted SVG file...
CVE-2025-65734
The CVE-2025-65734 entry concerns gunet Open eClass. An authenticated arbitrary file upload vulnerability exists in the Courses/Work Assignments module, allowing code execution via a crafted SVG file. Affected version v3.11; fixed in v3.13. The issue requires authentication and uses a crafted SVG...
CVE-2020-24381
GUnet Open eClass Platform aka openeclass before 3.11 might allow remote attackers to read students' submitted assessments because it does not ensure that the web server blocks directory listings, and the data directory is inside the web root by default...
EUVD-2020-17113
Malware in sbrugna...
EUVD-2022-36169
Malicious code in bioql PyPI...
CVE-2022-33116
An issue in the jmpath variable in /modules/mindmap/index.php of GUnet Open eClass Platform aka openeclass v3.12.4 and below allows attackers to read arbitrary files via a directory traversal...
CVE-2022-33116
An issue in the jmpath variable in /modules/mindmap/index.php of GUnet Open eClass Platform aka openeclass v3.12.4 and below allows attackers to read arbitrary files via a directory traversal...
CVE-2022-33116
An issue in the jmpath variable in /modules/mindmap/index.php of GUnet Open eClass Platform aka openeclass v3.12.4 and below allows attackers to read arbitrary files via a directory traversal...
Directory traversal
An issue in the jmpath variable in /modules/mindmap/index.php of GUnet Open eClass Platform aka openeclass v3.12.4 and below allows attackers to read arbitrary files via a directory traversal...
CVE-2022-33116
An issue in the jmpath variable in /modules/mindmap/index.php of GUnet Open eClass Platform aka openeclass v3.12.4 and below allows attackers to read arbitrary files via a directory traversal...
GUnet Open eClass Platform 路径遍历漏洞
GUnet Open eClass Platform is an integrated course management system for GUnet eClass. A security vulnerability exists in GUnet Open eClass Platform aka openeclass version v3.12.4 and earlier. An attacker can exploit this vulnerability to read arbitrary files via directory traversal via the jmpat...
CVE-2021-44266
GUnet Open eClass aka openeclass before 3.12.2 allows XSS via the modules/auth/formuser.php auth parameter...
CVE-2021-44266
GUnet Open eClass aka openeclass before 3.12.2 allows XSS via the modules/auth/formuser.php auth parameter...
CVE-2021-44266
GUnet Open eClass aka openeclass before 3.12.2 allows XSS via the modules/auth/formuser.php auth parameter...
CVE-2021-44266
CVE-2021-44266 affects GUnet Open eClass (openeclass) prior to version 3.12.2. The vulnerability is an XSS flaw exploitable via the modules/auth/formuser.php auth parameter. Root cause and remediation details are not provided in the supplied documents.
GUnet Open eClass Platform 跨站脚本漏洞
GUnet Open eClass Platform is an integrated course management system for GUnet eClass. A security vulnerability exists in GUnet Open eClass Platform openeclass versions prior to 3.12.2, which can be exploited by attackers to conduct XSS attacks via the modules/auth/formuser.php auth parameter...
CVE-2020-24381
GUnet Open eClass Platform aka openeclass before 3.11 might allow remote attackers to read students' submitted assessments because it does not ensure that the web server blocks directory listings, and the data directory is inside the web root by default...
CVE-2020-24381
GUnet Open eClass Platform aka openeclass before 3.11 might allow remote attackers to read students' submitted assessments because it does not ensure that the web server blocks directory listings, and the data directory is inside the web root by default...
Design/Logic Flaw
GUnet Open eClass Platform aka openeclass before 3.11 might allow remote attackers to read students' submitted assessments because it does not ensure that the web server blocks directory listings, and the data directory is inside the web root by default...
CVE-2020-24381
GUnet Open eClass Platform aka openeclass before 3.11 might allow remote attackers to read students' submitted assessments because it does not ensure that the web server blocks directory listings, and the data directory is inside the web root by default...