Netlab Classsystem vulnerabilities
2 known vulnerabilities affecting netlab/classsystem.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2008-6619P3MEDIUMCVSS 6.8PoCv2.32009-04-06
CVE-2008-6619 [MEDIUM] CWE-264 CVE-2008-6619: Unrestricted file upload vulnerability in class/ApplyDB.php in ClassSystem 2.3 allows remote attacke
Unrestricted file upload vulnerability in class/ApplyDB.php in ClassSystem 2.3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in class/UploadHomepage/.
nvd
CVE-2008-6618P3HIGHCVSS 7.5PoCv2.32009-04-06
CVE-2008-6618 [HIGH] CWE-89 CVE-2008-6618: Multiple SQL injection vulnerabilities in ClassSystem 2.3 allow remote attackers to execute arbitrar
Multiple SQL injection vulnerabilities in ClassSystem 2.3 allow remote attackers to execute arbitrary SQL commands via the teacher_id parameter in (1) class/HomepageMain.php and (2) class/HomepageTop.php, and (3) the message_id parameter in class/MessageReply.php.
nvd