Oretnom23 Online Learning System vulnerabilities
3 known vulnerabilities affecting oretnom23/online_learning_system.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2021-42580P2CRITICALCVSS 9.8PoCv2.02021-11-15
CVE-2021-42580 [CRITICAL] CWE-89 CVE-2021-42580: Sourcecodester Online Learning System 2.0 is vunlerable to sql injection authentication bypass in ad
Sourcecodester Online Learning System 2.0 is vunlerable to sql injection authentication bypass in admin login file (/admin/login.php) and authenticated file upload in (Master.php) file , we can craft these two vunlerablities to get unauthenticated remote command execution.
nvd
CVE-2021-40596P3CRITICALCVSS 9.8v2.02022-01-24
CVE-2021-40596 [CRITICAL] CWE-89 CVE-2021-40596: SQL injection vulnerability in Login.php in sourcecodester Online Learning System v2 by oretnom23, a
SQL injection vulnerability in Login.php in sourcecodester Online Learning System v2 by oretnom23, allows attackers to execute arbitrary SQL commands via the faculty_id parameter.
nvd
CVE-2024-1970P4MEDIUMCVSS 6.1v2.02024-02-29
CVE-2024-1970 [MEDIUM] CWE-79 CVE-2024-1970: A vulnerability, which was classified as problematic, was found in SourceCodester Online Learning Sy
A vulnerability, which was classified as problematic, was found in SourceCodester Online Learning System V2 1.0. Affected is an unknown function of the file /index.php. The manipulation of the argument page leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-2551
nvd