Lucene search
K

183 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-42290

Malicious code in bioql PyPI...

7.4CVSS7.5AI score0.00219EPSS
Exploits0References1
NVD
NVD
added 2025/09/08 11:15 p.m.6 views

CVE-2025-10111

A security flaw has been discovered in itsourcecode Student Information Management System 1.0. The affected element is an unknown function of the file /admin/modules/instructor/index.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploi...

9.8CVSS0.00387EPSS
Exploits1References5
OSV
OSV
added 2025/09/08 11:15 p.m.4 views

CVE-2025-10111

A security flaw has been discovered in itsourcecode Student Information Management System 1.0. The affected element is an unknown function of the file /admin/modules/instructor/index.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploi...

9.8CVSS5.8AI score0.00387EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/09/08 11:2 p.m.4 views

CVE-2025-10111 itsourcecode Student Information Management System index.php sql injection

A security flaw has been discovered in itsourcecode Student Information Management System 1.0. The affected element is an unknown function of the file /admin/modules/instructor/index.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploi...

7.5CVSS6.9AI score0.00387EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/09/08 11:2 p.m.11 views

CVE-2025-10111 itsourcecode Student Information Management System index.php sql injection

A security flaw has been discovered in itsourcecode Student Information Management System 1.0. The affected element is an unknown function of the file /admin/modules/instructor/index.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploi...

7.5CVSS0.00387EPSS
Exploits1References5
CVE
CVE
added 2025/09/08 11:2 p.m.18 views

CVE-2025-10111

CVE-2025-10111 affects itsourcecode Student Information Management System 1.0. The vulnerable component is the file /admin/modules/instructor/index.php, where manipulation of the ID parameter enables SQL injection. The flaw is exploitable remotely and public exploits exist. Mitigation/workaround ...

9.8CVSS7.3AI score0.00387EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 9:7 a.m.3 views

CVE-2024-5395

A vulnerability was found in itsourcecode Online Student Enrollment System 1.0. It has been rated as critical. This issue affects some unknown processing of the file listofinstructor.php. The manipulation of the argument FullName leads to sql injection. The attack may be initiated remotely. The...

8.8CVSS7.8AI score0.00614EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:6 a.m.3 views

CVE-2024-5397

A vulnerability classified as critical was found in itsourcecode Online Student Enrollment System 1.0. Affected by this vulnerability is an unknown functionality of the file instructorSubjects.php. The manipulation of the argument instructorId leads to sql injection. The attack can be launched...

8.8CVSS7.9AI score0.00622EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:38 a.m.5 views

CVE-2024-48530

An issue in the Instructor Appointment Availability module of eSoft Planner 3.24.08271-USA allows attackers to cause a Denial of Service DoS via a crafted POST request...

7.5CVSS6.9AI score0.0056EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:34 a.m.16 views

CVE-2024-5973

The MasterStudy LMS WordPress Plugin WordPress plugin before 3.3.24 does not prevent students from creating instructor accounts, which could be used to get access to functionalities they shouldn't have...

9.1CVSS6.7AI score0.00493EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 5:24 p.m.8 views

CVE-2020-11511

The LearnPress plugin before 3.2.6.9 for WordPress allows remote attackers to escalate the privileges of any user to LP Instructor via the accept-to-be-teacher action parameter...

8.1CVSS8AI score0.03209EPSS
Exploits5References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:23 a.m.10 views

CVE-2019-12170

ATutor through 2.2.4 is vulnerable to arbitrary file uploads via the mods/core/backups/upload.php aka backup component. This may result in remote command execution. An attacker can use the instructor account to fully compromise the system using a crafted backup ZIP archive. This will allow for PH...

9CVSS7.7AI score0.08749EPSS
Exploits3References1
Spring Security Advisories
Spring Security Advisories
added 2025/05/01 12:0 a.m.9 views

A Bootiful Podcast: Spring instructor Mary Ellen Bowman

Hi, Spring fans! In this installment I talk to Mary Ellen Bowman, a legendary Spring instructor!...

7.1AI score
Exploits0
OSV
OSV
added 2025/01/25 8:15 a.m.2 views

CVE-2024-13599

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 4.2.7.5 due to insufficient input sanitization and output escaping of a lesson name. This makes it possible for authenticated attackers, with LP...

5.4CVSS7.4AI score0.00295EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/01/25 7:24 a.m.27 views

CVE-2024-13599 LearnPress – WordPress LMS Plugin <= 4.2.7.5 - Authenticated (LP Instructor+) Stored Cross-Site Scripting via Lesson Name

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 4.2.7.5 due to insufficient input sanitization and output escaping of a lesson name. This makes it possible for authenticated attackers, with LP...

6.4CVSS0.00295EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2025/01/12 12:0 a.m.135 views

CISA: VILT Fact Sheet

System About Files News Vote Help | Services API Advertise Contact | Account Join Login ---|---|---...

7.4AI score
Exploits0
Patchstack
Patchstack
added 2024/12/17 10:30 p.m.4 views

WordPress WPLMS plugin < 1.9.9.5.2 - Instructor+ Arbitrary File Upload vulnerability

Instructor+ Arbitrary File Upload vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin WPLMS versions 1.9.9.5.2...

9.1CVSS7AI score0.00557EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/12/17 10:29 p.m.7 views

WordPress WPLMS plugin < 1.9.9.5.3 - Instructor+ SQL Injection vulnerability

Instructor+ SQL Injection vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin WPLMS versions 1.9.9.5.3...

8.8CVSS8.1AI score0.00417EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2024/11/25 7:19 p.m.25 views

CVE-2024-53258 download_all_submissions allows student to download another student's submissions in Autolab

Autolab is a course management service that enables auto-graded programming assignments. From Autolab versions v.3.0.0 onward students can download all assignments from another student, as long as they are logged in, using the downloadallsubmissions feature. This can allow for leakage of...

7.1CVSS6.7AI score0.00469EPSS
Exploits0References2
CVE
CVE
added 2024/11/21 6:49 a.m.68 views

CVE-2024-10393

CVE-2024-10393 affects the WordPress Tutor LMS plugin, vulnerable in versions

5.3CVSS5.2AI score0.00563EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder