Lucene search
+L

130 matches found

Cvelist
Cvelist
added 2026/04/24 12:0 a.m.31 views

CVE-2025-67259

A Broken Access Control vulnerability exists in ClassroomIO v0.1.13 where an authenticated low-privileged "student" user can access unauthorized course-level information by modifying intercepted API requests. Changing a captured POST request to a GET request against the /rest/v1/course PostgREST...

0.00212EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/04/06 12:48 p.m.145 views

Exploit for CVE-2026-35678

Vulnerability Research Report: All Eduplus ERP Insecure Direct...

6AI score
Exploits1
OSV
OSV
added 2026/01/26 2:49 p.m.5 views

BIT-MOODLE-2025-3627 Moodle: partial data exposure in moodle before completing multi-factor authentication

A security vulnerability was discovered in Moodle that allows some users to access sensitive information about other students before they finish verifying their identities using two-factor authentication 2FA...

4.3CVSS5.9AI score0.00307EPSS
Exploits0References3
NVD
NVD
added 2026/01/08 7:15 a.m.8 views

CVE-2025-13679

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getorderbyid function in all versions up to, and including, 3.9.3. This makes it possible for authenticated attackers, with...

6.5CVSS0.00207EPSS
Exploits0References2
NVD
NVD
added 2025/12/09 6:16 p.m.5 views

CVE-2025-65594

OpenSIS 9.2 and below is vulnerable to Incorrect Access Control in Student.php, which allows an authenticated low-privilege user to perform unauthorized database write operations relating to the data of other users...

8.1CVSS0.00252EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/11/26 12:0 a.m.14 views

CVE-2025-65670

An Insecure Direct Object Reference IDOR in classroomio 0.1.13 allows students to access sensitive admin/teacher endpoints by manipulating course IDs in URLs, resulting in unauthorized disclosure of sensitive course, admin, and student data. The leak occurs momentarily before the system reverts t...

0.00218EPSS
Exploits2References2
GithubExploit
GithubExploit
added 2025/11/15 3:25 p.m.153 views

Exploit for CVE-2025-63955

CVE-2025-63955 – Cross-Site Request Forgery CSRF leading t...

7.5CVSS6.6AI score0.00223EPSS
Exploits2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-11474

Malware in sbrugna...

7.5CVSS7.5AI score0.01625EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-30370

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00702EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-50759

Malicious code in bioql PyPI...

4.3CVSS6.6AI score0.00252EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-38987

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.00485EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-31151

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00695EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-31153

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00695EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.22 views

EUVD-2023-31152

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00695EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-50760

Malicious code in bioql PyPI...

4.3CVSS6.6AI score0.00237EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-30366

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00603EPSS
Exploits0References1
Malwarebytes
Malwarebytes
added 2025/09/08 4:15 p.m.7 views

This “insidious” police tech claims to predict crime (Lock and Code S06E18)

This week on the Lock and Code podcast… In the late 2010s, a group of sheriffs out of Pasco County, Florida, believed they could predict crime. The Sheriff’s Department there had piloted a program called “Intelligence-Led Policing” and the program would allegedly analyze disparate points of data ...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/09/03 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-3627

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security vulnerability was discovered in Moodle that allows some users to access sensitive information about other students before they finish verifying their...

4.3CVSS5.8AI score0.00307EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 6:50 a.m.6 views

CVE-2024-12307

A function-level access control vulnerability in Unifiedtransform version 2.0 and potentially earlier versions allows teachers to modify student personal data without proper authorization. The vulnerability exists due to missing access control checks in the student editing functionality. At the...

4.3CVSS6.9AI score0.00237EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:39 a.m.3 views

CVE-2023-26574

Missing authentication in the SearchStudents method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction sensitive student data by unauthenticated attackers...

7.5CVSS7.1AI score0.00695EPSS
Exploits0References1
Rows per page
Query Builder