Lucene search
K

196 matches found

CVE
CVE
added 2022/06/27 8:42 p.m.71 views

CVE-2022-33116

CVE-2022-33116 affects GUnet Open eClass Platform (openeclass) up to v3.12.4. The vulnerability resides in the jmpath variable in /modules/mindmap/index.php, enabling directory traversal to read arbitrary files. Public records across NVD, Red Hat, OSV, CVE lists, and other sources consistently de...

6.5CVSS6.3AI score0.01679EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2022/06/27 8:42 p.m.19 views

CVE-2022-33116

An issue in the jmpath variable in /modules/mindmap/index.php of GUnet Open eClass Platform aka openeclass v3.12.4 and below allows attackers to read arbitrary files via a directory traversal...

6.5CVSS6.8AI score0.01679EPSS
Exploits1References6
CNNVD
CNNVD
added 2022/06/27 12:0 a.m.4 views

GUnet Open eClass Platform 路径遍历漏洞

GUnet Open eClass Platform is an integrated course management system for GUnet eClass. A security vulnerability exists in GUnet Open eClass Platform aka openeclass version v3.12.4 and earlier. An attacker can exploit this vulnerability to read arbitrary files via directory traversal via the jmpat...

6.5CVSS6.7AI score0.01679EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2022/06/11 3:15 p.m.2 views

CVE-2021-44266

GUnet Open eClass aka openeclass before 3.12.2 allows XSS via the modules/auth/formuser.php auth parameter...

6.1CVSS6.3AI score0.00978EPSS
Exploits1References4
NVD
NVD
added 2022/06/11 3:15 p.m.29 views

CVE-2021-44266

GUnet Open eClass aka openeclass before 3.12.2 allows XSS via the modules/auth/formuser.php auth parameter...

6.1CVSS0.00978EPSS
Exploits1References3
OSV
OSV
added 2022/06/11 3:15 p.m.22 views

CVE-2021-44266

GUnet Open eClass aka openeclass before 3.12.2 allows XSS via the modules/auth/formuser.php auth parameter...

6.1CVSS5.8AI score0.00978EPSS
Exploits1References3
Prion
Prion
added 2022/06/11 3:15 p.m.13 views

Design/Logic Flaw

GUnet Open eClass aka openeclass before 3.12.2 allows XSS via the modules/auth/formuser.php auth parameter...

4.3CVSS6AI score0.00978EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2022/06/11 2:50 p.m.26 views

CVE-2021-44266

GUnet Open eClass aka openeclass before 3.12.2 allows XSS via the modules/auth/formuser.php auth parameter...

6.2AI score0.00978EPSS
Exploits1References3
CVE
CVE
added 2022/06/11 2:50 p.m.59 views

CVE-2021-44266

CVE-2021-44266 affects GUnet Open eClass (openeclass) prior to version 3.12.2. The vulnerability is an XSS flaw exploitable via the modules/auth/formuser.php auth parameter. Root cause and remediation details are not provided in the supplied documents.

6.1CVSS5.9AI score0.00978EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2022/06/11 12:0 a.m.6 views

GUnet Open eClass Platform 跨站脚本漏洞

GUnet Open eClass Platform is an integrated course management system for GUnet eClass. A security vulnerability exists in GUnet Open eClass Platform openeclass versions prior to 3.12.2, which can be exploited by attackers to conduct XSS attacks via the modules/auth/formuser.php auth parameter...

6.1CVSS6.2AI score0.00978EPSS
Exploits1References4
NVD
NVD
added 2020/08/19 12:15 p.m.28 views

CVE-2020-24381

GUnet Open eClass Platform aka openeclass before 3.11 might allow remote attackers to read students' submitted assessments because it does not ensure that the web server blocks directory listings, and the data directory is inside the web root by default...

7.5CVSS7.5AI score0.01356EPSS
Exploits1References2
OSV
OSV
added 2020/08/19 12:15 p.m.21 views

CVE-2020-24381

GUnet Open eClass Platform aka openeclass before 3.11 might allow remote attackers to read students' submitted assessments because it does not ensure that the web server blocks directory listings, and the data directory is inside the web root by default...

7.5CVSS7AI score0.01356EPSS
Exploits1References2
Prion
Prion
added 2020/08/19 12:15 p.m.14 views

Design/Logic Flaw

GUnet Open eClass Platform aka openeclass before 3.11 might allow remote attackers to read students' submitted assessments because it does not ensure that the web server blocks directory listings, and the data directory is inside the web root by default...

4.3CVSS7.5AI score0.01356EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/08/19 11:50 a.m.47 views

CVE-2020-24381

GUnet Open eClass Platform (openeclass) prior to 3.11 is vulnerable to reading submitted assessments due to directory listing not being blocked and the data directory being inside the web root. This could allow remote attackers to access student submissions. The affected product/version is public...

7.5CVSS7.4AI score0.01356EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/08/19 11:50 a.m.36 views

CVE-2020-24381

GUnet Open eClass Platform aka openeclass before 3.11 might allow remote attackers to read students' submitted assessments because it does not ensure that the web server blocks directory listings, and the data directory is inside the web root by default...

7.5AI score0.01356EPSS
Exploits1References2
CNVD
CNVD
added 2017/04/05 12:0 a.m.5 views

Open eClass Cross-Site Scripting Vulnerability

Open eClass formerly known as GUnet eClass is a complete course management system from the Greek company Open eClass. The system supports for storing and presenting educational materials and asynchronous e-learning services, among others. A cross-site scripting vulnerability exists in Open eClass...

6.1CVSS6.6AI score0.00838EPSS
Exploits1References1
Rows per page
Query Builder