CVE-2025-52482

CVE-2025-52482 affects Chamilo LMS prior to version 1.11.30, with a stored XSS vulnerability in the glossary function. The issue allows users with the Teachers role to inject JavaScript against the administrator via the glossary/trigger paths (e.g., /main/glossary/index.php and related tracking r...

EUVD-2019-3121

Malware in sbrugna...

WordPress Sensei LMS plugin < 4.20.0 - Teacher+ Users Email Address Disclosure vulnerability

Teacher+ Users Email Address Disclosure vulnerability discovered by Li Xuhang in WordPress Plugin Sensei LMS versions 4.20.0...

CVE-2019-11446

An issue was discovered in ATutor through 2.2.4. It allows the user to run commands on the server with the teacher user privilege. The Upload Files section in the File Manager field contains an arbitrary file upload vulnerability via upload.php. The $IllegalExtensions value only lists lowercase a...

ATutor 2.2.4 - file_manager Remote Code Execution Exploit #RCE

Exploit for php platform in category web applications This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "ATutor %q This module allows the user to run commands on the server with teacher user...

ATutor file_manager Remote Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "ATutor %q This module allows the user to run commands on the server with teacher user privilege. The 'Upload files' section in the 'File Manager'...