30 matches found
CVE-2022-40872
An SQL injection vulnerability issue was discovered in Sourcecodester Simple E-Learning System 1.0., in /vcs/classRoom.php?classCode=, classCode...
CVE-2022-2704
CVE-2022-2704 affects the SourceCodester Simple E-Learning System. The vulnerability is in the downloadFiles.php file where the value of the download parameter is not properly validated, allowing arbitrary file downloads and resulting in information disclosure. The issue can be exploited remotely...
CVE-2022-2701 SourceCodester Simple E-Learning System claire_blake cross site scripting
A vulnerability classified as problematic was found in SourceCodester Simple E-Learning System. This vulnerability affects unknown code of the file /claireblake. The manipulation of the argument Bio leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclose...
Simple E-Learning System 跨站脚本漏洞
Simple E-Learning System is a simple e-learning system from Carlo Montero's personal developer. Simple E-Learning System is vulnerable to a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data by the parameter Bio in the file...
CVE-2022-2698 SourceCodester Simple E-Learning System search.php sql injection
A vulnerability was found in SourceCodester Simple E-Learning System. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file search.php. The manipulation of the argument searchPost leads to sql injection. The attack can be launched remotely. The...
CVE-2022-2697
SourceCodester Simple E-Learning System is affected by a SQL injection in the comment_frame.php file, via the post_id parameter. The vulnerability arises from an unknown function and can be exploited remotely; the exploit has been disclosed publicly. The identifier VDB-205818 is associated with t...
CVE-2022-2489
A vulnerability was found in SourceCodester Simple E-Learning System 1.0. It has been rated as critical. This issue affects some unknown processing of the file classRoom.php. The manipulation of the argument classCode with the input 1'||SELECT 0x6770715a WHERE 8795=8795 AND SELECT 8342 FROMSELECT...
CVE-2022-2490
CVE-2022-2490 affects SourceCodester Simple E-Learning System 1.0. The vulnerability is a SQL injection in an unknown function of the file search.php , triggered by manipulating the parameter classCode (example payload includes 1'||(SELECT 0x74666264 …)). Exploitation is possible remotely, and pu...
CVE-2022-2489
SourceCodester Simple E-Learning System 1.0 contains a SQL injection in classRoom.php via crafted input of the classCode parameter (e.g., 1'||(SELECT ...)). The vulnerability is remote-exploitable and has a CVSSv3.1 base score of 8.8 (HIGH) per NVD, with high impact on confidentiality, integrity,...
CVE-2022-2489 SourceCodester Simple E-Learning System classRoom.php sql injection
A vulnerability was found in SourceCodester Simple E-Learning System 1.0. It has been rated as critical. This issue affects some unknown processing of the file classRoom.php. The manipulation of the argument classCode with the input 1'||SELECT 0x6770715a WHERE 8795=8795 AND SELECT 8342 FROMSELECT...