9 matches found
EUVD-2024-34374
Malicious code in bioql PyPI...
CVE-2025-54946
A SQL injection vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to execute arbitrary SQL commands...
CVE-2025-54943
A missing authorization vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to perform unauthorized application deployment due to the absence of proper access control checks...
The vulnerability of the WPLMS training management system, a content management system for WordPress websites, allows an attacker to gain access to read, modify, or delete data.
The vulnerability of the WPLMS training management system involves incorrect restrictions on the path to the restricted access catalog. Exploiting this vulnerability could allow an attacker to gain read, modify, or delete access to data...
CVE-2024-11984
A unrestricted upload of file with dangerous type vulnerability in epaper draft function in Corporate Training Management System before 10.13 allows remote authenticated users to bypass file upload restrictions and perform arbitrary system commands with SYSTEM privilege via a crafted ZIP file...
CVE-2024-11984 SUNNET Corporate Training Management System - Unrestricted Upload of File with Dangerous Type
A unrestricted upload of file with dangerous type vulnerability in epaper draft function in Corporate Training Management System before 10.13 allows remote authenticated users to bypass file upload restrictions and perform arbitrary system commands with SYSTEM privilege via a crafted ZIP file...
CVE-2024-11984
The CVE-2024-11984 vulnerability affects the Corporate Training Management System, specifically the epaper draft function. It describes an unrestricted upload of files with dangerous types that lets remote authenticated users bypass upload restrictions and run arbitrary commands with SYSTEM privi...
Arbitrary file upload vulnerability in EduWork uplaod.php page
EduWork is an almost open source training institution management system, focusing on solving the daily affairs of training institutions and the entire management. An arbitrary file upload vulnerability exists in the EduWork uplaod.php page. Attackers can use this vulnerability to obtain...
Online Training Management System Generalized Arbitrary File Download Vulnerability of Beijing Jianfeng Hexun Technology Co.
Peak Hutchinson's Online Training Management System is a software system that provides full-process management of training activities for learning organizations. There is a generic arbitrary file download vulnerability in the online training management system of Beijing Summit Hexun Technology Co...