130 matches found
CVE-2025-67259
A Broken Access Control vulnerability exists in ClassroomIO v0.1.13 where an authenticated low-privileged "student" user can access unauthorized course-level information by modifying intercepted API requests. Changing a captured POST request to a GET request against the /rest/v1/course PostgREST...
Exploit for CVE-2026-35678
Vulnerability Research Report: All Eduplus ERP Insecure Direct...
BIT-MOODLE-2025-3627 Moodle: partial data exposure in moodle before completing multi-factor authentication
A security vulnerability was discovered in Moodle that allows some users to access sensitive information about other students before they finish verifying their identities using two-factor authentication 2FA...
CVE-2025-13679
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getorderbyid function in all versions up to, and including, 3.9.3. This makes it possible for authenticated attackers, with...
CVE-2025-65594
OpenSIS 9.2 and below is vulnerable to Incorrect Access Control in Student.php, which allows an authenticated low-privilege user to perform unauthorized database write operations relating to the data of other users...
CVE-2025-65670
An Insecure Direct Object Reference IDOR in classroomio 0.1.13 allows students to access sensitive admin/teacher endpoints by manipulating course IDs in URLs, resulting in unauthorized disclosure of sensitive course, admin, and student data. The leak occurs momentarily before the system reverts t...
Exploit for CVE-2025-63955
CVE-2025-63955 – Cross-Site Request Forgery CSRF leading t...
EUVD-2021-11474
Malware in sbrugna...
EUVD-2023-30370
Malicious code in bioql PyPI...
EUVD-2024-50759
Malicious code in bioql PyPI...
EUVD-2024-38987
Malicious code in bioql PyPI...
EUVD-2023-31151
Malicious code in bioql PyPI...
EUVD-2023-31153
Malicious code in bioql PyPI...
EUVD-2023-31152
Malicious code in bioql PyPI...
EUVD-2024-50760
Malicious code in bioql PyPI...
EUVD-2023-30366
Malicious code in bioql PyPI...
This “insidious” police tech claims to predict crime (Lock and Code S06E18)
This week on the Lock and Code podcast… In the late 2010s, a group of sheriffs out of Pasco County, Florida, believed they could predict crime. The Sheriff’s Department there had piloted a program called “Intelligence-Led Policing” and the program would allegedly analyze disparate points of data ...
Linux Distros Unpatched Vulnerability : CVE-2025-3627
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security vulnerability was discovered in Moodle that allows some users to access sensitive information about other students before they finish verifying their...
CVE-2024-12307
A function-level access control vulnerability in Unifiedtransform version 2.0 and potentially earlier versions allows teachers to modify student personal data without proper authorization. The vulnerability exists due to missing access control checks in the student editing functionality. At the...
CVE-2023-26574
Missing authentication in the SearchStudents method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction sensitive student data by unauthenticated attackers...