30 matches found
CVE-2026-4574
A vulnerability was detected in SourceCodester Simple E-learning System 1.0. This vulnerability affects unknown code of the component User Profile Update Handler. The manipulation of the argument firstName results in sql injection. It is possible to launch the attack remotely. The exploit is now...
EUVD-2022-46359
Malicious code in bioql PyPI...
EUVD-2022-34748
Malicious code in bioql PyPI...
EUVD-2022-34942
Malicious code in bioql PyPI...
EUVD-2022-44128
Malicious code in bioql PyPI...
CVE-2022-2697
A vulnerability was found in SourceCodester Simple E-Learning System. It has been classified as critical. Affected is an unknown function of the file commentframe.php. The manipulation of the argument postid leads to sql injection. It is possible to launch the attack remotely. The exploit has bee...
CVE-2022-2704
A vulnerability was found in SourceCodester Simple E-Learning System. It has been declared as problematic. This vulnerability affects unknown code of the file downloadFiles.php. The manipulation of the argument download leads to information disclosure. The attack can be initiated remotely. The...
CVE-2022-2701
A vulnerability classified as problematic was found in SourceCodester Simple E-Learning System. This vulnerability affects unknown code of the file /claireblake. The manipulation of the argument Bio leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclose...
CVE-2022-40872
An SQL injection vulnerability issue was discovered in Sourcecodester Simple E-Learning System 1.0., in /vcs/classRoom.php?classCode=, classCode...
CVE-2022-43319
An information disclosure vulnerability in the component vcs/downloadFiles.php?download=./search.php of Simple E-Learning System v1.0 allows attackers to read arbitrary files...
CVE-2022-2698
A vulnerability was found in SourceCodester Simple E-Learning System. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file search.php. The manipulation of the argument searchPost leads to sql injection. The attack can be launched remotely. The...
CVE-2022-2665
A vulnerability classified as critical was found in SourceCodester Simple E-Learning System. Affected by this vulnerability is an unknown functionality of the file classroom.php. The manipulation of the argument postid leads to sql injection. The attack can be launched remotely. The exploit has...
CVE-2022-43319
An information disclosure vulnerability in the component vcs/downloadFiles.php?download=./search.php of Simple E-Learning System v1.0 allows attackers to read arbitrary files...
CVE-2022-43319
An information disclosure vulnerability in the component vcs/downloadFiles.php?download=./search.php of Simple E-Learning System v1.0 allows attackers to read arbitrary files...
Information disclosure
An information disclosure vulnerability in the component vcs/downloadFiles.php?download=./search.php of Simple E-Learning System v1.0 allows attackers to read arbitrary files...
CVE-2022-43319
An information disclosure vulnerability in the component vcs/downloadFiles.php?download=./search.php of Simple E-Learning System v1.0 allows attackers to read arbitrary files...
CVE-2022-43319
An information disclosure vulnerability in the component vcs/downloadFiles.php?download=./search.php of Simple E-Learning System v1.0 allows attackers to read arbitrary files...
PT-2022-26845 · Unknown · Simple E-Learning System
Name of the Vulnerable Software and Affected Versions: Simple E-Learning System version 1.0 Description: An information disclosure issue exists in the component "vcs/downloadFiles.php?download=./search.php" of Simple E-Learning System, allowing attackers to read arbitrary files. Recommendations:...
CVE-2022-43319
CVE-2022-43319 affects Simple E-Learning System v1.0. The vulnerability resides in the endpoint vcs/downloadFiles.php?download=./search.php, enabling an attacker to read arbitrary files and thus disclose confidential data. The reported impact is High confidentiality loss (CVSS v3.1: AV:N/AC:L/PR:...
PT-2022-25597 · Unknown · Sourcecodester Simple E-Learning System
Name of the Vulnerable Software and Affected Versions: Sourcecodester Simple E-Learning System version 1.0 Description: A SQL injection issue was found in the /vcs/classRoom.php endpoint, specifically with the classCode parameter. This allows for potential SQL injection attacks. Recommendations:...