Lopalopa

E-learning Management System

41 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.8

CVE-2024-50836

Exploit
  • EPSS 0.09%
  • Veröffentlicht 14.11.2024 17:15:07
  • Zuletzt bearbeitet 18.11.2024 18:35:05

A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/teachers.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the firstname and lastname parameter...

7.2

CVE-2024-50834

Exploit
  • EPSS 0.06%
  • Veröffentlicht 14.11.2024 17:15:07
  • Zuletzt bearbeitet 18.11.2024 16:38:39

A SQL Injection was found in /admin/teachers.php in KASHIPARA E-learning Management System Project 1.0 via the firstname and lastname parameters.

7.2

CVE-2024-50835

Exploit
  • EPSS 0.04%
  • Veröffentlicht 14.11.2024 17:15:07
  • Zuletzt bearbeitet 18.11.2024 16:38:44

A SQL Injection vulnerability was found in /admin/edit_student.php in KASHIPARA E-learning Management System Project 1.0 via the cys, un, ln, fn, and id parameters.

9.8

CVE-2024-50833

Exploit
  • EPSS 0.07%
  • Veröffentlicht 14.11.2024 17:15:06
  • Zuletzt bearbeitet 18.11.2024 16:38:12

A SQL Injection vulnerability was found in /login.php in KASHIPARA E-learning Management System Project 1.0 via the username and password parameters.

7.2

CVE-2024-50832

Exploit
  • EPSS 0.05%
  • Veröffentlicht 14.11.2024 17:15:06
  • Zuletzt bearbeitet 18.11.2024 16:37:57

A SQL Injection vulnerability was found in /admin/edit_class.php in kashipara E-learning Management System Project 1.0 via the class_name parameter.

5.4

CVE-2024-50838

Exploit
  • EPSS 0.24%
  • Veröffentlicht 14.11.2024 15:15:09
  • Zuletzt bearbeitet 06.05.2025 13:38:57

A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/department.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the d and pi parameters.

5.4

CVE-2024-50837

Exploit
  • EPSS 0.14%
  • Veröffentlicht 14.11.2024 15:15:08
  • Zuletzt bearbeitet 06.05.2025 13:41:22

A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/admin_user.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the firstname and username paramet...

5.4

CVE-2024-50839

Exploit
  • EPSS 0.39%
  • Veröffentlicht 14.11.2024 14:15:18
  • Zuletzt bearbeitet 06.05.2025 13:42:17

A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/add_subject.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the subject_code and title parame...

5.4

CVE-2024-50842

Exploit
  • EPSS 0.47%
  • Veröffentlicht 14.11.2024 14:15:18
  • Zuletzt bearbeitet 06.05.2025 13:41:46

A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/school_year.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the school_year parameter.

5.4

CVE-2024-50841

Exploit
  • EPSS 0.36%
  • Veröffentlicht 14.11.2024 14:15:18
  • Zuletzt bearbeitet 06.05.2025 13:41:58

A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/calendar_of_events.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the date_start, date_end, ...