Efront@3.6.11 Security Vulnerabilities and Issues — Efront@3.6.11 CVE List

Lucene search

EfrontlearningEfront3.6.11

3 matches found

CVE•added 2012/08/13 10:55 p.m.•34 views

CVE-2012-4269

Unrestricted file upload vulnerability in eFront 3.6.11 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension via an attachment in a message.

6CVSS7.5AI score0.01582EPSS

CVE•added 2012/08/13 10:55 p.m.•30 views

CVE-2012-4270

Cross-site scripting (XSS) vulnerability in eFront 3.6.11 allows remote authenticated users to inject arbitrary web script or HTML via the subject box of a message.

3.5CVSS5.4AI score0.00179EPSS

CVE•added 2013/01/24 1:55 a.m.•26 views

CVE-2012-6515

eFront 3.6.10, 3.6.11 build 15059, and earlier allows remote attackers to obtain sensitive information via invalid courses_ID parameter in the lesson_info module to index.php, which reveals the installation path in an error message.

5CVSS6.4AI score0.00283EPSS