2 matches found
CVE-2020-14972
Multiple SQL injection vulnerabilities in Sourcecodester Pisay Online E-Learning System 1.0 allow remote unauthenticated attackers to bypass authentication and achieve Remote Code Execution RCE via the useremail, userpass, and id parameters on the admin login-portal and the edit-lessons webpages...
CVE-2024-4349
A vulnerability has been found in SourceCodester Pisay Online E-Learning System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /lesson/controller.php. The manipulation of the argument file leads to unrestricted upload. The attack can be...