Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
learning management system vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2021-25200
Arbitrary file upload vulnerability in SourceCodester Learning Management System v 1.0 allows malicious users to execute arbitrary code, via the file upload to \lms\student_avatar.php.
Learning Management System Project Learning Management System 1.0
445
VMScore
CVE-2021-25201
SQL injection vulnerability in Learning Management System v 1.0 allows remote malicious users to execute arbitrary SQL statements through the id parameter to obtain sensitive database information.
Learning Management System Project Learning Management System 1.0
828
VMScore
CVE-2013-3599
userlogin.jsp in Coursemill Learning Management System (LMS) 6.6 and 6.8 allows remote malicious users to gain privileges via a modified user-role value to home.html.
Trivantis Coursemill Learning Management System 6.8
Trivantis Coursemill Learning Management System 6.6
445
VMScore
CVE-2002-1909
Click2Learn Ingenium Learning Management System 5.1 and 6.1 stores the hashed administrative password in a config.txt file under the htdocs directory, which allows remote malicious users to obtain the administrative password.
Click2learn Ingenium Learning Management System 5.1
Click2learn Ingenium Learning Management System 6.1
312
VMScore
CVE-2018-6866
Cross Site Scripting (XSS) exists in PHP Scripts Mall Learning and Examination Management System Script 2.3.1 via a crafted message.
Learning And Examination Management System Script Project Learning And Examination Management System Script 2.3.1
505
VMScore
CVE-2002-1910
Click2Learn Ingenium Learning Management System 5.1 and 6.1 uses weak encryption for passwords (reversible algorithm), which allows malicious users to obtain passwords.
Click-2 Ingenium Learning Management System 5.1
Click-2 Ingenium Learning Management System 6.1
1 EDB exploit
312
VMScore
CVE-2021-25029
The CLUEVO LMS, E-Learning Platform WordPress plugin prior to 1.8.1 does not sanitise and escape Course's module, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
Cluevo Learning Management System
356
VMScore
CVE-2018-16970
Wisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direct object reference (IDOR) attacks to download non-purchased course files via a modified id parameter.
Wisetail Learning Management System
356
VMScore
CVE-2018-16971
Wisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direct object reference (IDOR) attacks to access non-purchased course contents (quiz / test) via a modified id parameter.
Wisetail Learning Management System
NA
CVE-2023-40607
Cross-Site Request Forgery (CSRF) vulnerability in CLUEVO CLUEVO LMS, E-Learning Platform plugin <= 1.10.0 versions.
Cluevo Learning Management System
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »