What Is the Instructure Canvas Breach? Impact, Risks, and What Institutions Should Do
The Instructure Canvas breach affects universities, K–12 school districts, and teaching hospitals globally. This blog entry intends to provide context and practical guidance...
NEMU Security Vulnerability
NEMU is an open-source teaching system simulator developed by XiangShan. NEMU has a security vulnerability, which stems from insufficient Smstateen permissions. This vulnerability may allow low-privilege code access to IMSIC state, potentially leading to cross-context information leaks or...
EUVD-2020-5163
Malware in sbrugna...
CVE-2024-10546
A vulnerability classified as critical was found in open-scratch Teaching 在线教学平台 up to 2.7. This vulnerability affects unknown code of the file /api/sys/ng-alain/getDictItemsByTable/ of the component URL Handler. The manipulation leads to sql injection. The attack can be initiated remotely. The...
CVE-2023-50609
Cross-Site Scripting (XSS) vulnerability in AVA teaching video application service platform version 3.1 allows remote attackers to execute arbitrary code via a crafted script to ajax.aspx...
How to Win Followers and Scamfluence People
Format Boy makes a living teaching Yahoo Boys, notorious West African scammers, how to use AI and deepfake technology to ensnare their next victims...
CVE-2025-1321
The teachPress plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter of the 'tpsearch' shortcode in all versions up to, and including, 9.0.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes...
CVE-2024-10546
The CVE-2024-10546 entry concerns open-scratch Teaching 在线教学平台 (versions up to 2.7). The vulnerability exists in the URL Handler’s API endpoint /api/sys/ng-alain/getDictItemsByTable/ and is due to an SQL injection in that API. It is exploitable remotely and an exploit has been disclosed publicly....
CVE-2024-10546 open-scratch Teaching 在线教学平台 URL getDictItemsByTable sql injection
A vulnerability classified as critical was found in open-scratch Teaching 在线教学平台 up to 2.7. This vulnerability affects unknown code of the file /api/sys/ng-alain/getDictItemsByTable/ of the component URL Handler. The manipulation leads to sql injection. The attack can be initiated remotely. The...
Teaching SQL Injection Vulnerability
Goodat Teaching Teaching online teaching platform is a STEAM online education solution for organizations and schools from Shanghai Pigeon Egg Network Goodat, which aims to provide an innovative environment for teachers and students to teach and learn programming easily. A SQL injection...
Malicious code in down_load_ebook_big_idea_companion_for_preaching_and_teaching_by_matthew_kim_cp768 (npm)
MAL-2024-2144 Malicious code in down_load_ebook_big_idea_companion_for_preaching_and_teaching_by_matthew_kim_cp768 (npm)
HAWKI Cross-Site Scripting Vulnerability
HAWKI is a university teaching interface based on the OpenAI API by the HAWK Digital Environments team in Germany. HAWKI has a security vulnerability that stems from a path traversal vulnerability due to not properly filtering POST parameters. An attacker can exploit the vulnerability to overwrit...
CVE-2024-36109 Cross-site Scripting with Markdown rendering in CoCalc
CoCalc is web-based software that enables collaboration in research, teaching, and scientific publishing. In affected versions the markdown parser allows tags to be included which execute when published. This issue has been addressed in commit 419862a9c9879c. Users are advised to upgrade. There a...
Optimizing LMS Integration: 7 Strategies for Enhanced Blended Learning
By Uzair Amir. Blended learning, a method that melds in-person teaching with online learning, has become increasingly popular recently. This innovative… This is a post from HackRead.com.
Relate Learning And Teaching System SSTI / Remote Code Execution Vulnerability
Relate Learning and Teaching System versions prior to 2024.1 suffer from a server-side template injection vulnerability that leads to remote code execution. This particular finding targets the Batch-Issue Exam Tickets function. Exploit Title: Relate Learning And Teaching system Version before...
Relate Learning And Teaching System SSTI / Remote Code Execution
Exploit Title: Relate Learning And Teaching system Version before 2024.1 SSTI Batch-Issue Exam Tickets function lead to RCE; Date: 24/04/2024; Exploit Author: kai6u; Vendor Homepage: https://github.com/inducer/; Software Link: https://github.com/inducer/relate; Affected Version: before 2024.1...