7 matches found
CVE-2022-33116
An issue in the jmpath variable in /modules/mindmap/index.php of GUnet Open eClass Platform aka openeclass v3.12.4 and below allows attackers to read arbitrary files via a directory traversal...
Directory traversal
An issue in the jmpath variable in /modules/mindmap/index.php of GUnet Open eClass Platform aka openeclass v3.12.4 and below allows attackers to read arbitrary files via a directory traversal...
CVE-2022-33116
An issue in the jmpath variable in /modules/mindmap/index.php of GUnet Open eClass Platform aka openeclass v3.12.4 and below allows attackers to read arbitrary files via a directory traversal...
CVE-2022-33116
An issue in the jmpath variable in /modules/mindmap/index.php of GUnet Open eClass Platform aka openeclass v3.12.4 and below allows attackers to read arbitrary files via a directory traversal...
CVE-2020-24381
GUnet Open eClass Platform aka openeclass before 3.11 might allow remote attackers to read students' submitted assessments because it does not ensure that the web server blocks directory listings, and the data directory is inside the web root by default...
CVE-2020-24381
GUnet Open eClass Platform (openeclass) prior to 3.11 is vulnerable to reading submitted assessments due to directory listing not being blocked and the data directory being inside the web root. This could allow remote attackers to access student submissions. The affected product/version is public...
CVE-2020-24381
GUnet Open eClass Platform aka openeclass before 3.11 might allow remote attackers to read students' submitted assessments because it does not ensure that the web server blocks directory listings, and the data directory is inside the web root by default...