Lucene search
K

23 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-29303

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00567EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-29304

Malicious code in bioql PyPI...

8.8CVSS8.8AI score0.0095EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-29306

Malicious code in bioql PyPI...

4.3CVSS5AI score0.0074EPSS
Exploits0References1
CNVD
CNVD
added 2021/10/19 12:0 a.m.11 views

ShinHer StudyOnline System Licensing Issue Vulnerability (CNVD-2021-101182)

ShinHer StudyOnline System is a school system from ShinHer, China. ShinHer StudyOnline System is vulnerable to an authorization issue, which stems from the fact that the teacher editing function of ShinHer StudyOnline System is not controlled by permissions. An attacker could use this vulnerabili...

8.8CVSS2.6AI score0.0095EPSS
Exploits0References1
CNVD
CNVD
added 2021/10/19 12:0 a.m.12 views

ShinHer StudyOnline System License Issue Vulnerability

ShinHer StudyOnline System is a school administration system from ShinHer, China. " feature is not controlled by permissions. An attacker could use this vulnerability to access other users' message board content by setting URL parameters after logging in with user privileges...

4CVSS2.9AI score0.0074EPSS
Exploits0
NVD
NVD
added 2021/10/15 12:15 p.m.20 views

CVE-2021-42332

The “List View” function of ShinHer StudyOnline System is not under authority control. After logging in with user’s privilege, remote attackers can access the content of other users’ message boards by crafting URL parameters...

4.3CVSS0.0074EPSS
Exploits0References1
NVD
NVD
added 2021/10/15 12:15 p.m.20 views

CVE-2021-42330

The “Teacher Edit” function of ShinHer StudyOnline System does not perform authority control. After logging in with user’s privilege, remote attackers can access and edit other users’ credential and personal information by crafting URL parameters...

8.8CVSS0.0095EPSS
Exploits0References1
NVD
NVD
added 2021/10/15 12:15 p.m.19 views

CVE-2021-42329

The “ListAdd” function of message board of ShinHer StudyOnline System does not filter special characters in the title parameter. After logging in with user’s privilege, remote attackers can inject JavaScript and execute stored XSS attacks...

5.4CVSS0.00567EPSS
Exploits0References1
OSV
OSV
added 2021/10/15 12:15 p.m.3 views

CVE-2021-42330

The “Teacher Edit” function of ShinHer StudyOnline System does not perform authority control. After logging in with user’s privilege, remote attackers can access and edit other users’ credential and personal information by crafting URL parameters...

8.8CVSS7.4AI score0.0095EPSS
Exploits0References1
Prion
Prion
added 2021/10/15 12:15 p.m.15 views

Design/Logic Flaw

The “List View” function of ShinHer StudyOnline System is not under authority control. After logging in with user’s privilege, remote attackers can access the content of other users’ message boards by crafting URL parameters...

4CVSS4.8AI score0.0074EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/10/15 12:15 p.m.15 views

Design/Logic Flaw

The “Teacher Edit” function of ShinHer StudyOnline System does not perform authority control. After logging in with user’s privilege, remote attackers can access and edit other users’ credential and personal information by crafting URL parameters...

5.5CVSS8.6AI score0.0095EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/10/15 12:15 p.m.12 views

Cross site scripting

The “ListAdd” function of message board of ShinHer StudyOnline System does not filter special characters in the title parameter. After logging in with user’s privilege, remote attackers can inject JavaScript and execute stored XSS attacks...

3.5CVSS5.4AI score0.00567EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/10/15 12:10 p.m.46 views

CVE-2021-42332

CVE-2021-42332 : The ShinHer StudyOnline System exposes a protected resource via the List View function not under proper authority control. After logging in with standard user privileges, an attacker can craft URL parameters to access other users’ message board content. This is described consiste...

4.3CVSS4.7AI score0.0074EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/10/15 12:10 p.m.43 views

CVE-2021-42331

CVE-2021-42331 affects ShinHer StudyOnline System: the Study Edit function lacks permission checks, allowing an authenticated user to craft URL parameters to access and edit other users’ tutorial schedules. Documented impact is authorization bypass with potential for modification of schedules; no...

5.5CVSS5.5AI score0.00621EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/10/15 12:10 p.m.51 views

CVE-2021-42330

The CVE-2021-42330 issue affects ShinHer StudyOnline System, where the Teacher Edit function does not enforce proper authorization. According to connected records, after logging in with a user privilege, an attacker can craft URL parameters to access and edit other users’ credentials and personal...

8.8CVSS8.7AI score0.0095EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/10/15 11:38 a.m.2 views

CVE-2021-42332

The “List View” function of ShinHer StudyOnline System is not under authority control. After logging in with user’s privilege, remote attackers can access the content of other users’ message boards by crafting URL parameters...

4.3CVSS5.8AI score0.0074EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2021/10/15 12:0 a.m.4 views

PT-2021-23573 · Unknown · Shinher Studyonline System

Name of the Vulnerable Software and Affected Versions: ShinHer StudyOnline System affected versions not specified Description: The issue concerns the "Teacher Edit" function, which lacks authority control. After logging in with a user's privilege, remote attackers can access and edit other users'...

8.8CVSS8.6AI score0.0095EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/10/15 12:0 a.m.13 views

ShinHer StudyOnline System 安全漏洞

ShinHer StudyOnline System is a school administration system from ShinHer, China. " feature is not controlled by permissions. An attacker could use this vulnerability to access other users' message board content by setting URL parameters after logging in with user privileges...

4.3CVSS5.6AI score0.0074EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2021/10/15 12:0 a.m.5 views

PT-2021-23575 · Unknown · Shinher Studyonline System

Name of the Vulnerable Software and Affected Versions: ShinHer StudyOnline System affected versions not specified Description: The issue concerns the "List View" function not being under authority control, allowing remote attackers to access other users' message board content by manipulating URL...

4.3CVSS4.4AI score0.0074EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/10/15 12:0 a.m.5 views

ShinHer StudyOnline System 授权问题漏洞

ShinHer StudyOnline System is a school system from ShinHer, a Chinese company. ShinHer StudyOnline System is vulnerable to an authorization issue that stems from the Study Edit feature of ShinHer StudyOnline System without permission control. An attacker could use this vulnerability to access and...

5.5CVSS5.6AI score0.00621EPSS
Exploits0References2
Rows per page
Query Builder