Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Open Eclass Platform Security Vulnerabilities

cve
cve

CVE-2020-24381

GUnet Open eClass Platform (aka openeclass) before 3.11 might allow remote attackers to read students' submitted assessments because it does not ensure that the web server blocks directory listings, and the data directory is inside the web root by default.

7.5CVSS

7.4AI Score

0.005EPSS

2020-08-19 12:15 PM
24
cve
cve

CVE-2021-44266

GUnet Open eClass (aka openeclass) before 3.12.2 allows XSS via the modules/auth/formuser.php auth parameter.

6.1CVSS

5.9AI Score

0.001EPSS

2022-06-11 03:15 PM
39
6
cve
cve

CVE-2024-38530

The Open eClass platform (formerly known as GUnet eClass) is a complete Course Management System. An arbitrary file upload vulnerability in the "save" functionality of the H5P module enables unauthenticated users to upload arbitrary files on the server's filesystem. This may lead in unrestricted RC...

9.8CVSS

9.4AI Score

0.001EPSS

2024-08-12 03:15 PM
25