Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
learning management system vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-3604
Multiple cross-site scripting (XSS) vulnerabilities in Coursemill Learning Management System (LMS) 6.6 allow remote malicious users to inject arbitrary web script or HTML via crafted input.
Trivantis Coursemill Learning Management System 6.6
NA
CVE-2013-3605
Cross-site request forgery (CSRF) vulnerability in Coursemill Learning Management System (LMS) 6.6 allows remote malicious users to hijack the authentication of arbitrary users via vectors related to cookies.
Trivantis Coursemill Learning Management System 6.6
NA
CVE-2007-6338
SQL injection vulnerability in userlogin.jsp in Trivantis CourseMill Enterprise Learning Management System 4.1 SP4 allows remote malicious users to execute arbitrary SQL commands via the user parameter (username field). NOTE: some of these details are obtained from third party in...
Trivantis Coursemill Enterprise Learning Management System 4.1
9.8
CVSSv3
CVE-2021-35964
The management page of the Orca HCM digital learning platform does not perform identity verification, which allows remote malicious users to execute the management function without logging in, access members’ information, modify and delete the courses in system, thus causin...
Learningdigital Orca Hcm
7.5
CVSSv3
CVE-2022-28740
aEnrich eHRD Learning Management Key Performance Indicator System 5+ exposes Sensitive Information to an Unauthorized Actor.
Aenrich A\\+hrd
8.1
CVSSv3
CVE-2022-28741
aEnrich a+HRD 5.x Learning Management Key Performance Indicator System has a local file inclusion (LFI) vulnerability that occurs due to missing input validation in v5.x
Aenrich A\\+hrd
9.8
CVSSv3
CVE-2022-22965
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e....
Vmware Spring Framework
Cisco Cx Cloud Agent
Oracle Sd-wan Edge 9.0
Oracle Retail Xstore Point Of Service 20.0.1
Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.7.0
Oracle Financial Services Analytical Applications Infrastructure 8.1.1
Oracle Sd-wan Edge 9.1
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Oracle Product Lifecycle Analytics 3.6.1
Oracle Financial Services Enterprise Case Management 8.1.1.0
Oracle Financial Services Enterprise Case Management 8.1.1.1
Oracle Financial Services Behavior Detection Platform 8.1.2.0
Oracle Financial Services Behavior Detection Platform 8.1.1.1
Oracle Financial Services Behavior Detection Platform 8.1.1.0
Oracle Communications Cloud Native Core Console 1.9.0
Oracle Communications Cloud Native Core Policy 1.15.0
Oracle Communications Cloud Native Core Unified Data Repository 1.15.0
Oracle Communications Cloud Native Core Unified Data Repository 22.1.0
Oracle Communications Cloud Native Core Security Edge Protection Proxy 22.1.0
172 Github repositories
7 Articles
7.5
CVSSv3
CVE-2021-24562
The LMS by LifterLMS – Online Course, Membership & Learning Management System Plugin for WordPress plugin prior to 4.21.2 was affected by an IDOR issue, allowing students to see other student answers and grades
Lifterlms Lifterlms
7.5
CVSSv3
CVE-2022-28742
aEnrich eHRD Learning Management Key Performance Indicator System 5+ has Improper Access Control. The web application does not validate user session when accessing many application pages. This can allow an malicious user to gain unauthenticated access to sensitive functionalities...
Aenrich A\\+hrd
9.8
CVSSv3
CVE-2023-42807
Frappe LMS is an open source learning management system. In versions 1.0.0 and prior, on the People Page of LMS, there was an SQL Injection vulnerability. The issue has been fixed in the `main` branch. Users won't face this issue if they are using the latest main branch of t...
Frappe Frappe Lms
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »