Lucene search
K

195 matches found

EUVD
EUVD
added 2026/02/03 4:56 p.m.5 views

EUVD-2026-5239

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a broken access control vulnerability allows authenticated students to create new course units, an action normally restricted to higher-privileged roles. This issue has been patch...

6.5CVSS5.3AI score0.00207EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/02/03 4:56 p.m.29 views

CVE-2026-24670 Open eClass Has Broken Access Control in Course Units Module Allows Students to Create Units

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a broken access control vulnerability allows authenticated students to create new course units, an action normally restricted to higher-privileged roles. This issue has been patch...

6.5CVSS0.00207EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/02/03 4:56 p.m.5 views

CVE-2026-24670

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a broken access control vulnerability allows authenticated students to create new course units, an action normally restricted to higher-privileged roles. This issue has been patch...

6.5CVSS5.3AI score0.00207EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/03 4:56 p.m.3 views

CVE-2026-24670 Open eClass Has Broken Access Control in Course Units Module Allows Students to Create Units

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a broken access control vulnerability allows authenticated students to create new course units, an action normally restricted to higher-privileged roles. This issue has been patch...

6.5CVSS5.3AI score0.00207EPSS
Exploits1References1
CVE
CVE
added 2026/02/03 4:56 p.m.12 views

CVE-2026-24670

The CVE-2026-24670 entry covers the Open eClass platform (formerly GUnet eClass). Affected versions are those prior to 4.2 where a broken access control vulnerability permits authenticated students to create new course units, an action normally restricted to higher-privilege roles. The issue has ...

6.5CVSS5.3AI score0.00207EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2026/02/03 4:56 p.m.6 views

CVE-2026-24670 Open eClass Has Broken Access Control in Course Units Module Allows Students to Create Units

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a broken access control vulnerability allows authenticated students to create new course units, an action normally restricted to higher-privileged roles. This issue has been patch...

6.5CVSS5.3AI score0.00207EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/02/03 4:56 p.m.2 views

CVE-2026-24664 Open eClass is Vulnerable to Username Enumeration via Login Response Discrepancies

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a username enumeration vulnerability allows unauthenticated attackers to identify valid user accounts by analyzing differences in the login response behavior. This issue has been...

5.3CVSS5.3AI score0.0025EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/02/03 4:56 p.m.3 views

CVE-2026-24664

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a username enumeration vulnerability allows unauthenticated attackers to identify valid user accounts by analyzing differences in the login response behavior. This issue has been...

5.3CVSS5.3AI score0.0025EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/02/03 4:56 p.m.21 views

CVE-2026-24664

Open eClass (formerly GUnet eClass) is affected prior to version 4.2 by a username enumeration issue where unauthenticated attackers can determine valid accounts by observing differences in login responses. The vulnerability specifically involves the login workflow, including the /login endpoint,...

5.3CVSS5.3AI score0.0025EPSS
Exploits1References1Affected Software1
EUVD
EUVD
added 2026/02/03 4:56 p.m.8 views

EUVD-2026-5240

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a username enumeration vulnerability allows unauthenticated attackers to identify valid user accounts by analyzing differences in the login response behavior. This issue has been...

5.3CVSS5.3AI score0.0025EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/02/03 4:56 p.m.31 views

CVE-2026-24664 Open eClass is Vulnerable to Username Enumeration via Login Response Discrepancies

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a username enumeration vulnerability allows unauthenticated attackers to identify valid user accounts by analyzing differences in the login response behavior. This issue has been...

5.3CVSS0.0025EPSS
Exploits1References1
OSV
OSV
added 2026/02/03 4:56 p.m.6 views

CVE-2026-24664 Open eClass is Vulnerable to Username Enumeration via Login Response Discrepancies

The Open eClass platform formerly known as GUnet eClass is a complete course management system. Prior to version 4.2, a username enumeration vulnerability allows unauthenticated attackers to identify valid user accounts by analyzing differences in the login response behavior. This issue has been...

5.3CVSS5.3AI score0.0025EPSS
Exploits1References3
CVE
CVE
added 2026/02/03 4:52 p.m.14 views

CVE-2020-37112

CVE-2020-37112 affects GUnet OpenEclass 1.7.3. The provided documents describe multiple SQL injection vulnerabilities in the agenda module and other endpoints, exploitable by authenticated attackers to manipulate queries and extract sensitive data via error-based or time-based techniques (via the...

7.1CVSS5.6AI score0.00274EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2026/02/03 4:52 p.m.6 views

EUVD-2020-30983

GUnet OpenEclass 1.7.3 contains multiple SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries through unvalidated parameters. Attackers can exploit the 'month' parameter in the agenda module and other endpoints to extract sensitive database information...

7.1CVSS5.6AI score0.00274EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.6 views

Open eClass 访问控制错误漏洞

Open eClass is an e-classroom system developed by the Greek Universities Network. Versions of Open eClass prior to 4.2 contained a security vulnerability related to access control. This vulnerability resulted from improper access control mechanisms, which could allow authenticated students to...

6.5CVSS5.8AI score0.00207EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.8 views

Open eClass 跨站请求伪造漏洞

Open eClass is an open-source e-classroom system developed by the Greek Universities Network. Versions of Open eClass prior to 4.2 contained a cross-site request forgeing vulnerability. This vulnerability stemmed from cross-site request forgery occurring at multiple teacher-restricted endpoints,...

6.5CVSS5.7AI score0.00151EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.12 views

PT-2026-6206

Name of the Vulnerable Software and Affected Versions Open eClass versions prior to 4.2 Description The Open eClass platform, previously known as GUnet eClass, is a course management system. A Reflected Cross-Site Scripting XSS issue exists in versions prior to 4.2, potentially allowing remote...

4.7CVSS5.9AI score0.0018EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.8 views

Open eClass 跨站脚本漏洞

Open eClass is an open-source e-classroom system developed by the Greek Universities Network. Versions of Open eClass prior to 4.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from stored cross-site scripts in multiple user-controllable input fields, which could allo...

6.1CVSS5.6AI score0.00182EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.6 views

PT-2026-6201

Name of the Vulnerable Software and Affected Versions Open eClass versions prior to 4.2 Description The Open eClass platform, previously known as GUnet eClass, is a course management system. A flaw in the password reset process in versions prior to 4.2 allows a local attacker to reuse a valid...

7.8CVSS5.3AI score0.00151EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.9 views

PT-2026-6198

Name of the Vulnerable Software and Affected Versions Open eClass versions prior to 4.2 Description The Open eClass platform, previously known as GUnet eClass, is a course management system. A Cross-Site Request Forgery CSRF issue exists in teacher-restricted endpoints prior to version 4.2. This...

6.5CVSS5.5AI score0.00151EPSS
Exploits1References6
Rows per page
Query Builder