CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-5280

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00264EPSS

Exploits1References4

Cvelist•added 2025/06/04 12:0 a.m.•10 views

CVE-2025-46203

An issue in Unifiedtransform v2.0 allows a remote attacker to escalate privileges via the /students/edit/id endpoint...

0.00088EPSS

Exploits3References2

Vulnrichment•added 2025/06/04 12:0 a.m.•8 views

CVE-2025-46204

An issue in Unifiedtransform v2.0 allows a remote attacker to escalate privileges via the /course/edit/id endpoint...

7.2AI score0.00088EPSS

Exploits2References2

Cvelist•added 2025/03/10 12:0 a.m.•8 views

CVE-2025-25615

Unifiedtransform 2.0 is vulnerable to Incorrect Access Control which allows viewing attendance list for all class sections...

0.00421EPSS

Exploits0References2

RedhatCVE•added 2025/02/28 12:21 a.m.•7 views

CVE-2024-53573

Unifiedtransform v2.X is vulnerable to Incorrect Access Control. Unauthorized users can access and manipulate endpoints intended exclusively for administrative use. This issue specifically affects teacher/edit/id...

9.8CVSS6.9AI score0.00264EPSS

Exploits1References1

Cvelist•added 2025/02/26 12:0 a.m.•7 views

CVE-2024-53573

0.00264EPSS

Exploits1References2

CVE•added 2025/02/26 12:0 a.m.•63 views

CVE-2024-53573

Unifiedtransform v2.X is vulnerable to Incorrect Access Control, enabling unauthorized users to access and manipulate administrative endpoints, specifically the teacher/edit/{id} path. The available data describes the root cause as improper access control, with impact described as high for confid...

9.8CVSS6.6AI score0.00264EPSS

Exploits1References2Affected Software1

Vulnrichment•added 2024/12/09 8:50 a.m.•15 views

CVE-2024-12307 Function-Level Access Control Vulnerability Allows Unauthorized Modification of Student Data in Unifiedtransform

A function-level access control vulnerability in Unifiedtransform version 2.0 and potentially earlier versions allows teachers to modify student personal data without proper authorization. The vulnerability exists due to missing access control checks in the student editing functionality. At the...

4.3CVSS6.8AI score0.00134EPSS

Exploits0References1

CVE•added 2024/12/09 8:49 a.m.•50 views

CVE-2024-12305

Unifiedtransform v2.0 (and potentially earlier) contains an object‑level access control flaw in MarkController.php that lets a student access other students’ grades by altering the student_id parameter in the marks viewing endpoint. The CVE description explicitly notes insufficient access checks ...

4.3CVSS4.7AI score0.00169EPSS

Exploits0References1

CNNVD•added 2024/04/09 12:0 a.m.•1 views

Unifiedtransform 安全漏洞

Unifiedtransform is an open source school management software from Sourceforge Open Source. It allows for comprehensive and efficient management of school operations. A security vulnerability exists in Unifiedtransform v2.X, which stems from vulnerability to stored cross-site scripting XSS attack...

5.4CVSS5.8AI score0.00244EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by