3 matches found
CVE-2024-1970
CVE-2024-1970 affects SourceCodester Online Learning System V2.1.0 (and V2.0 in various records) with a cross-site scripting vulnerability in an unknown function of /index.php. The issue arises from manipulation of the page parameter, enabling remote exploitation and providing the attacker with a...
CVE-2021-42580
CVE-2021-42580 affects Sourcecodester Online Learning System 2.0. The vulnerability consists of a SQL injection-based authentication bypass in the admin/login.php and an authenticated file upload issue in Master.php, which together can be exploited to achieve unauthenticated remote code execution...
CVE-2021-40596
The CVE-2021-40596 entry concerns a SQL injection in the Login.php file of the sourcecodester Online Learning System v2 (by oretnom23). The vulnerability is exploitable via the faculty_id parameter, allowing an attacker to execute arbitrary SQL commands. Public references in connected documents c...