196 matches found
CVE-2022-33116
CVE-2022-33116 affects GUnet Open eClass Platform (openeclass) up to v3.12.4. The vulnerability resides in the jmpath variable in /modules/mindmap/index.php, enabling directory traversal to read arbitrary files. Public records across NVD, Red Hat, OSV, CVE lists, and other sources consistently de...
CVE-2022-33116
An issue in the jmpath variable in /modules/mindmap/index.php of GUnet Open eClass Platform aka openeclass v3.12.4 and below allows attackers to read arbitrary files via a directory traversal...
GUnet Open eClass Platform 路径遍历漏洞
GUnet Open eClass Platform is an integrated course management system for GUnet eClass. A security vulnerability exists in GUnet Open eClass Platform aka openeclass version v3.12.4 and earlier. An attacker can exploit this vulnerability to read arbitrary files via directory traversal via the jmpat...
CVE-2021-44266
GUnet Open eClass aka openeclass before 3.12.2 allows XSS via the modules/auth/formuser.php auth parameter...
CVE-2021-44266
GUnet Open eClass aka openeclass before 3.12.2 allows XSS via the modules/auth/formuser.php auth parameter...
CVE-2021-44266
GUnet Open eClass aka openeclass before 3.12.2 allows XSS via the modules/auth/formuser.php auth parameter...
Design/Logic Flaw
GUnet Open eClass aka openeclass before 3.12.2 allows XSS via the modules/auth/formuser.php auth parameter...
CVE-2021-44266
GUnet Open eClass aka openeclass before 3.12.2 allows XSS via the modules/auth/formuser.php auth parameter...
CVE-2021-44266
CVE-2021-44266 affects GUnet Open eClass (openeclass) prior to version 3.12.2. The vulnerability is an XSS flaw exploitable via the modules/auth/formuser.php auth parameter. Root cause and remediation details are not provided in the supplied documents.
GUnet Open eClass Platform 跨站脚本漏洞
GUnet Open eClass Platform is an integrated course management system for GUnet eClass. A security vulnerability exists in GUnet Open eClass Platform openeclass versions prior to 3.12.2, which can be exploited by attackers to conduct XSS attacks via the modules/auth/formuser.php auth parameter...
CVE-2020-24381
GUnet Open eClass Platform aka openeclass before 3.11 might allow remote attackers to read students' submitted assessments because it does not ensure that the web server blocks directory listings, and the data directory is inside the web root by default...
CVE-2020-24381
GUnet Open eClass Platform aka openeclass before 3.11 might allow remote attackers to read students' submitted assessments because it does not ensure that the web server blocks directory listings, and the data directory is inside the web root by default...
Design/Logic Flaw
GUnet Open eClass Platform aka openeclass before 3.11 might allow remote attackers to read students' submitted assessments because it does not ensure that the web server blocks directory listings, and the data directory is inside the web root by default...
CVE-2020-24381
GUnet Open eClass Platform (openeclass) prior to 3.11 is vulnerable to reading submitted assessments due to directory listing not being blocked and the data directory being inside the web root. This could allow remote attackers to access student submissions. The affected product/version is public...
CVE-2020-24381
GUnet Open eClass Platform aka openeclass before 3.11 might allow remote attackers to read students' submitted assessments because it does not ensure that the web server blocks directory listings, and the data directory is inside the web root by default...
Open eClass Cross-Site Scripting Vulnerability
Open eClass formerly known as GUnet eClass is a complete course management system from the Greek company Open eClass. The system supports for storing and presenting educational materials and asynchronous e-learning services, among others. A cross-site scripting vulnerability exists in Open eClass...