RSS   Vulnerabilities for 'Learning management system'   RSS

2021-07-30
 
CVE-2021-25200

CWE-434
 

 
Arbitrary file upload vulnerability in SourceCodester Learning Management System v 1.0 allows attackers to execute arbitrary code, via the file upload to \lms\student_avatar.php.

 
2021-07-23
 
CVE-2021-25201

CWE-89
 

 
SQL injection vulnerability in Learning Management System v 1.0 allows remote attackers to execute arbitrary SQL statements through the id parameter to obtain sensitive database information.

 


Copyright 2024, cxsecurity.com

 

Back to Top