Skip to main content

E Learning Management System

41 CVEs product

Monthly

CVE-2024-54938 HIGH POC This Week

A Directory Listing issue was found in Kashipara E-Learning Management System v1.0, which allows remote attackers to access sensitive files and directories via /admin/uploads. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure E Learning Management System
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-54934 CRITICAL POC Act Now

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_class.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.5%
CVE-2024-54932 CRITICAL POC Act Now

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_department.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.5%
CVE-2024-54931 CRITICAL POC Act Now

A SQL Injection was found in /admin/delete_event.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-54928 HIGH POC This Week

kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_teacher.php,. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.5%
CVE-2024-54927 HIGH POC This Week

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_users.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.5%
CVE-2024-54925 CRITICAL POC Act Now

A SQL Injection was found in /remove_sent_message.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-54924 CRITICAL POC Act Now

A SQL Injection was found in /admin/edit_content.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-54923 CRITICAL POC Act Now

A SQL Injection vulnerability was found in /admin/edit_teacher.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-54921 CRITICAL POC Act Now

A SQL Injection was found in /student_signup.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-54918 CRITICAL POC Act Now

Kashipara E-learning Management System v1.0 is vulnerable to Remote Code Execution via File Upload in /teacher_avatar.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP File Upload E Learning Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-54935 MEDIUM POC This Month

A Stored Cross-Site Scripting (XSS) vulnerability was found in /send_message_teacher_to_student.php of kashipara E-learning Management System v1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS E Learning Management System
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-54933 HIGH POC This Week

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_content.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.5%
CVE-2024-54930 HIGH POC This Week

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_student.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.5%
CVE-2024-54922 HIGH POC This Week

A SQL Injection was found in /admin/edit_user.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.6%
CVE-2024-54926 HIGH POC This Week

A SQL Injection vulnerability was found in /search_class.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
CVSS 3.1
8.8
EPSS
0.6%
CVE-2024-54920 CRITICAL POC Act Now

A SQL Injection vulnerability was found in /teacher_signup.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL command to get unauthorized. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-54919 MEDIUM POC This Month

A Stored Cross Site Scripting (XSS ) was found in /teacher_avatar.php of kashipara E-learning Management System v1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Java E Learning Management System
NVD GitHub
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-54937 MEDIUM POC This Month

A Directory Listing issue was found in Kashipara E-Learning Management System v1.0, which allows remote attackers to access sensitive files and directories via /admin/assets. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure E Learning Management System
NVD GitHub
CVSS 3.1
5.3
EPSS
0.5%
CVE-2024-54936 MEDIUM POC This Month

A Stored Cross-Site Scripting (XSS) vulnerability was found in /send_message.php of Kashipara E-learning Management System v1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS E Learning Management System
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-54929 HIGH POC This Week

KASHIPARA E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_subject.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.5%
CVE-2024-50831 HIGH POC This Week

A SQL Injection was found in /admin/admin_user.php in kashipara E-learning Management System Project 1.0 via the username and password parameters. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.4%
CVE-2024-50830 HIGH POC This Week

A SQL Injection vulnerability was found in /admin/calendar_of_events.php in kashipara E-learning Management System Project 1.0 via the date_start, date_end, and title parameters. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.4%
CVE-2024-50829 HIGH POC This Week

A SQL Injection vulnerability was found in /admin/edit_subject.php in kashipara E-learning Management System Project 1.0 via the unit parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.4%
CVE-2024-50828 HIGH POC This Week

A SQL Injection vulnerability was found in /admin/edit_department.php in kashipara E-learning Management System Project 1.0 via the d parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.4%
CVE-2024-50827 HIGH POC This Week

A SQL Injection vulnerability was found in /admin/add_subject.php in kashipara E-learning Management System Project 1.0 via the subject_code parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.4%
CVE-2024-50826 HIGH POC This Week

A SQL Injection vulnerability was found in /admin/add_content.php in kashipara E-learning Management System Project 1.0 via the title and content parameters. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.4%
CVE-2024-50825 HIGH POC This Week

A SQL Injection vulnerability was found in /admin/school_year.php in kashipara E-learning Management System Project 1.0 via the school_year parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.4%
CVE-2024-50824 HIGH POC This Week

A SQL Injection vulnerability was found in /admin/class.php in kashipara E-learning Management System Project 1.0 via the class_name parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.5%
CVE-2024-50823 CRITICAL POC Act Now

A SQL Injection vulnerability was found in /admin/login.php in kashipara E-learning Management System Project 1.0 via the username and password parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.5%
CVE-2024-50836 MEDIUM POC This Month

A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/teachers.php in KASHIPARA E-learning Management System Project 1.0. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS E Learning Management System
NVD GitHub
CVSS 3.1
4.8
EPSS
0.5%
CVE-2024-50835 HIGH POC This Week

A SQL Injection vulnerability was found in /admin/edit_student.php in KASHIPARA E-learning Management System Project 1.0 via the cys, un, ln, fn, and id parameters. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.6%
CVE-2024-50834 HIGH POC This Week

A SQL Injection was found in /admin/teachers.php in KASHIPARA E-learning Management System Project 1.0 via the firstname and lastname parameters. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.6%
CVE-2024-50833 CRITICAL POC Act Now

A SQL Injection vulnerability was found in /login.php in KASHIPARA E-learning Management System Project 1.0 via the username and password parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-50832 HIGH POC This Week

A SQL Injection vulnerability was found in /admin/edit_class.php in kashipara E-learning Management System Project 1.0 via the class_name parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.6%
CVE-2024-50838 MEDIUM POC This Month

A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/department.php in KASHIPARA E-learning Management System Project 1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow PHP XSS E Learning Management System
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2024-50837 MEDIUM POC This Month

A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/admin_user.php in KASHIPARA E-learning Management System Project 1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS E Learning Management System
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2024-50842 MEDIUM POC This Month

A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/school_year.php in KASHIPARA E-learning Management System Project 1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS E Learning Management System
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-50841 MEDIUM POC This Month

A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/calendar_of_events.php in KASHIPARA E-learning Management System Project 1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS E Learning Management System
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-50840 MEDIUM POC This Month

A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/class.php in KASHIPARA E-learning Management System Project 1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow PHP XSS E Learning Management System
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-50839 MEDIUM POC This Month

A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/add_subject.php in KASHIPARA E-learning Management System Project 1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow PHP XSS E Learning Management System
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
EPSS 1% CVSS 7.5
HIGH POC This Week

A Directory Listing issue was found in Kashipara E-Learning Management System v1.0, which allows remote attackers to access sensitive files and directories via /admin/uploads. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure E Learning Management System
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_class.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_department.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A SQL Injection was found in /admin/delete_event.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
EPSS 0% CVSS 7.2
HIGH POC This Week

kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_teacher.php,. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
EPSS 0% CVSS 7.2
HIGH POC This Week

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_users.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A SQL Injection was found in /remove_sent_message.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A SQL Injection was found in /admin/edit_content.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A SQL Injection vulnerability was found in /admin/edit_teacher.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A SQL Injection was found in /student_signup.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Kashipara E-learning Management System v1.0 is vulnerable to Remote Code Execution via File Upload in /teacher_avatar.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP File Upload +1
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC This Month

A Stored Cross-Site Scripting (XSS) vulnerability was found in /send_message_teacher_to_student.php of kashipara E-learning Management System v1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS E Learning Management System
NVD GitHub
EPSS 0% CVSS 7.2
HIGH POC This Week

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_content.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
EPSS 0% CVSS 7.2
HIGH POC This Week

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_student.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
EPSS 1% CVSS 7.2
HIGH POC This Week

A SQL Injection was found in /admin/edit_user.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

A SQL Injection vulnerability was found in /search_class.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A SQL Injection vulnerability was found in /teacher_signup.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL command to get unauthorized. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC This Month

A Stored Cross Site Scripting (XSS ) was found in /teacher_avatar.php of kashipara E-learning Management System v1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Java +1
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM POC This Month

A Directory Listing issue was found in Kashipara E-Learning Management System v1.0, which allows remote attackers to access sensitive files and directories via /admin/assets. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure E Learning Management System
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC This Month

A Stored Cross-Site Scripting (XSS) vulnerability was found in /send_message.php of Kashipara E-learning Management System v1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS E Learning Management System
NVD GitHub
EPSS 0% CVSS 7.2
HIGH POC This Week

KASHIPARA E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_subject.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
EPSS 0% CVSS 7.2
HIGH POC This Week

A SQL Injection was found in /admin/admin_user.php in kashipara E-learning Management System Project 1.0 via the username and password parameters. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
EPSS 0% CVSS 7.2
HIGH POC This Week

A SQL Injection vulnerability was found in /admin/calendar_of_events.php in kashipara E-learning Management System Project 1.0 via the date_start, date_end, and title parameters. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
EPSS 0% CVSS 7.2
HIGH POC This Week

A SQL Injection vulnerability was found in /admin/edit_subject.php in kashipara E-learning Management System Project 1.0 via the unit parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
EPSS 0% CVSS 7.2
HIGH POC This Week

A SQL Injection vulnerability was found in /admin/edit_department.php in kashipara E-learning Management System Project 1.0 via the d parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
EPSS 0% CVSS 7.2
HIGH POC This Week

A SQL Injection vulnerability was found in /admin/add_subject.php in kashipara E-learning Management System Project 1.0 via the subject_code parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
EPSS 0% CVSS 7.2
HIGH POC This Week

A SQL Injection vulnerability was found in /admin/add_content.php in kashipara E-learning Management System Project 1.0 via the title and content parameters. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
EPSS 0% CVSS 7.2
HIGH POC This Week

A SQL Injection vulnerability was found in /admin/school_year.php in kashipara E-learning Management System Project 1.0 via the school_year parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
EPSS 0% CVSS 7.2
HIGH POC This Week

A SQL Injection vulnerability was found in /admin/class.php in kashipara E-learning Management System Project 1.0 via the class_name parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

A SQL Injection vulnerability was found in /admin/login.php in kashipara E-learning Management System Project 1.0 via the username and password parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
EPSS 1% CVSS 4.8
MEDIUM POC This Month

A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/teachers.php in KASHIPARA E-learning Management System Project 1.0. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS E Learning Management System
NVD GitHub
EPSS 1% CVSS 7.2
HIGH POC This Week

A SQL Injection vulnerability was found in /admin/edit_student.php in KASHIPARA E-learning Management System Project 1.0 via the cys, un, ln, fn, and id parameters. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
EPSS 1% CVSS 7.2
HIGH POC This Week

A SQL Injection was found in /admin/teachers.php in KASHIPARA E-learning Management System Project 1.0 via the firstname and lastname parameters. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A SQL Injection vulnerability was found in /login.php in KASHIPARA E-learning Management System Project 1.0 via the username and password parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
EPSS 1% CVSS 7.2
HIGH POC This Week

A SQL Injection vulnerability was found in /admin/edit_class.php in kashipara E-learning Management System Project 1.0 via the class_name parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Learning Management System
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC This Month

A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/department.php in KASHIPARA E-learning Management System Project 1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow PHP XSS +1
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC This Month

A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/admin_user.php in KASHIPARA E-learning Management System Project 1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS E Learning Management System
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC This Month

A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/school_year.php in KASHIPARA E-learning Management System Project 1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS E Learning Management System
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC This Month

A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/calendar_of_events.php in KASHIPARA E-learning Management System Project 1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS E Learning Management System
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC This Month

A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/class.php in KASHIPARA E-learning Management System Project 1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow PHP XSS +1
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC This Month

A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/add_subject.php in KASHIPARA E-learning Management System Project 1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow PHP XSS +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy