Filtered by vendor Lopalopa Subscriptions
Filtered by product E-learning Management System Subscriptions
Total 24 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-54933 1 Lopalopa 1 E-learning Management System 2024-12-12 9.8 Critical
Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_content.php.
CVE-2024-54930 1 Lopalopa 1 E-learning Management System 2024-12-12 9.8 Critical
Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_student.php.
CVE-2024-54922 1 Lopalopa 1 E-learning Management System 2024-12-12 9.8 Critical
A SQL Injection was found in /admin/edit_user.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the firstname, lastname, and username parameters.
CVE-2024-54926 1 Lopalopa 1 E-learning Management System 2024-12-11 9.8 Critical
A SQL Injection vulnerability was found in /search_class.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the school_year parameter.
CVE-2024-54937 1 Lopalopa 1 E-learning Management System 2024-12-11 5.3 Medium
A Directory Listing issue was found in Kashipara E-Learning Management System v1.0, which allows remote attackers to access sensitive files and directories via /admin/assets.
CVE-2024-54935 1 Lopalopa 1 E-learning Management System 2024-12-11 5.4 Medium
A Stored Cross-Site Scripting (XSS) vulnerability was found in /send_message_teacher_to_student.php of kashipara E-learning Management System v1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the my_message parameter.
CVE-2024-54929 1 Lopalopa 1 E-learning Management System 2024-12-11 7.2 High
KASHIPARA E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_subject.php.
CVE-2024-54920 1 Lopalopa 1 E-learning Management System 2024-12-11 9.8 Critical
A SQL Injection vulnerability was found in /teacher_signup.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL command to get unauthorized database access via the firstname, lastname, and class_id parameters.
CVE-2024-54936 1 Lopalopa 1 E-learning Management System 2024-12-10 5.4 Medium
A Stored Cross-Site Scripting (XSS) vulnerability was found in /send_message.php of Kashipara E-learning Management System v1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the my_message parameter.
CVE-2024-54919 1 Lopalopa 1 E-learning Management System 2024-12-10 5.4 Medium
A Stored Cross Site Scripting (XSS ) was found in /teacher_avatar.php of kashipara E-learning Management System v1.0. This vulnerability allows remote attackers to execute arbitrary java script via the filename parameter.
CVE-2024-50836 1 Lopalopa 1 E-learning Management System 2024-11-18 6.1 Medium
A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/teachers.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the firstname and lastname parameters.
CVE-2024-50826 2 Kashipara, Lopalopa 2 E Learning Management System Project, E-learning Management System 2024-11-18 3.5 Low
A SQL Injection vulnerability was found in /admin/add_content.php in kashipara E-learning Management System Project 1.0 via the title and content parameters.
CVE-2024-50825 2 Kashipara, Lopalopa 2 E Learning Management System Project, E-learning Management System 2024-11-18 3.5 Low
A SQL Injection vulnerability was found in /admin/school_year.php in kashipara E-learning Management System Project 1.0 via the school_year parameter.
CVE-2024-50824 2 Kashipara, Lopalopa 2 E Learning Management System Project, E-learning Management System 2024-11-18 3.5 Low
A SQL Injection vulnerability was found in /admin/class.php in kashipara E-learning Management System Project 1.0 via the class_name parameter.
CVE-2024-50823 2 Kashipara, Lopalopa 2 E Learning Management System Project, E-learning Management System 2024-11-18 3.5 Low
A SQL Injection vulnerability was found in /admin/login.php in kashipara E-learning Management System Project 1.0 via the username and password parameters.
CVE-2024-50835 2 Kashipara, Lopalopa 2 E Learning Management System Project, E-learning Management System 2024-11-18 3.5 Low
A SQL Injection vulnerability was found in /admin/edit_student.php in KASHIPARA E-learning Management System Project 1.0 via the cys, un, ln, fn, and id parameters.
CVE-2024-50834 2 Kashipara, Lopalopa 2 E Learning Management System Project, E-learning Management System 2024-11-18 3.5 Low
A SQL Injection was found in /admin/teachers.php in KASHIPARA E-learning Management System Project 1.0 via the firstname and lastname parameters.
CVE-2024-50833 2 Kashipara, Lopalopa 2 E Learning Management System Project, E-learning Management System 2024-11-18 3.5 Low
A SQL Injection vulnerability was found in /login.php in KASHIPARA E-learning Management System Project 1.0 via the username and password parameters.
CVE-2024-50832 2 Kashipara, Lopalopa 2 E Learning Management System Project, E-learning Management System 2024-11-18 3.5 Low
A SQL Injection vulnerability was found in /admin/edit_class.php in kashipara E-learning Management System Project 1.0 via the class_name parameter.
CVE-2024-50831 2 Kashipara, Lopalopa 2 E Learning Management System Project, E-learning Management System 2024-11-18 3.5 Low
A SQL Injection was found in /admin/admin_user.php in kashipara E-learning Management System Project 1.0 via the username and password parameters.