|
1101
|
7.2 |
HIGH
Network
|
lopalopa
|
e-learning_management_system
|
A SQL Injection was found in /admin/teachers.php in KASHIPARA E-learning Management System Project 1.0 via the firstname and lastname parameters.
Update
|
CWE-89
SQL Injection
|
CVE-2024-50834
|
2024-11-19 01:38 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1102
|
9.8 |
CRITICAL
Network
lopalopa
|
e-learning_management_system
|
A SQL Injection vulnerability was found in /login.php in KASHIPARA E-learning Management System Project 1.0 via the username and password parameters.
Update
|
CWE-89
SQL Injection
|
CVE-2024-50833
|
2024-11-19 01:38 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1103
|
7.2 |
HIGH
Network
|
lopalopa
|
e-learning_management_system
|
A SQL Injection was found in /admin/admin_user.php in kashipara E-learning Management System Project 1.0 via the username and password parameters.
Update
|
CWE-89
SQL Injection
|
CVE-2024-50831
|
2024-11-19 01:37 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1104
|
7.2 |
HIGH
Network
|
lopalopa
|
e-learning_management_system
|
A SQL Injection vulnerability was found in /admin/calendar_of_events.php in kashipara E-learning Management System Project 1.0 via the date_start, date_end, and title parameters.
Update
|
CWE-89
SQL Injection
|
CVE-2024-50830
|
2024-11-19 01:37 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1105
|
7.2 |
HIGH
Network
|
lopalopa
|
e-learning_management_system
|
A SQL Injection vulnerability was found in /admin/edit_subject.php in kashipara E-learning Management System Project 1.0 via the unit parameter.
Update
|
CWE-89
SQL Injection
|
CVE-2024-50829
|
2024-11-19 01:37 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1106
|
7.2 |
HIGH
Network
|
lopalopa
|
e-learning_management_system
|
A SQL Injection vulnerability was found in /admin/edit_class.php in kashipara E-learning Management System Project 1.0 via the class_name parameter.
Update
|
CWE-89
SQL Injection
|
CVE-2024-50832
|
2024-11-19 01:37 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1107
|
5.4 |
MEDIUM
Network
|
kendysond
|
selar.co_widget
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kendysond Selar.Co Widget allows DOM-Based XSS.This issue affects Selar.Co Widget: from n/…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-51598
|
2024-11-19 01:37 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1108
|
7.2 |
HIGH
Network
|
lopalopa
|
e-learning_management_system
|
A SQL Injection vulnerability was found in /admin/edit_department.php in kashipara E-learning Management System Project 1.0 via the d parameter.
Update
|
CWE-89
SQL Injection
|
CVE-2024-50828
|
2024-11-19 01:36 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1109
|
7.2 |
HIGH
Network
|
lopalopa
|
e-learning_management_system
|
A SQL Injection vulnerability was found in /admin/add_subject.php in kashipara E-learning Management System Project 1.0 via the subject_code parameter.
Update
|
CWE-89
SQL Injection
|
CVE-2024-50827
|
2024-11-19 01:36 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1110
|
- |
|
-
|
-
|
Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in FitNesse releases prior to 20241026. If this vulnerability is exploited, an attacker may be able to know…
Update
|
CWE-22
Path Traversal
|
CVE-2024-42499
|
2024-11-19 01:35 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
