Simple E-Learning System Project Simple E-Learning System vulnerabilities

5 known vulnerabilities affecting simple_e-learning_system_project/simple_e-learning_system.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH3MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2022-43319HIGHCVSS 7.5v1.02022-11-07
CVE-2022-43319 [HIGH] CVE-2022-43319: An information disclosure vulnerability in the component vcs/downloadFiles.php?download=./search.php An information disclosure vulnerability in the component vcs/downloadFiles.php?download=./search.php of Simple E-Learning System v1.0 allows attackers to read arbitrary files.
nvd
CVE-2022-40872CRITICALCVSS 9.8v1.02022-10-07
CVE-2022-40872 [CRITICAL] CWE-89 CVE-2022-40872: An SQL injection vulnerability issue was discovered in Sourcecodester Simple E-Learning System 1.0., An SQL injection vulnerability issue was discovered in Sourcecodester Simple E-Learning System 1.0., in /vcs/classRoom.php?classCode=, classCode.
nvd
CVE-2022-2490HIGHCVSS 8.8v1.02022-07-20
CVE-2022-2490 [MEDIUM] CWE-89 CVE-2022-2490: A vulnerability classified as critical has been found in SourceCodester Simple E-Learning System 1.0 A vulnerability classified as critical has been found in SourceCodester Simple E-Learning System 1.0. Affected is an unknown function of the file search.php. The manipulation of the argument classCode with the input 1'||(SELECT 0x74666264 WHERE 5610=5610 AND (SELECT 7504 FROM(SELECT COUNT(*),CONCAT(0x7171627a71,(SELECT (ELT(7504=7504,1))),0x71717a7071,
nvd
CVE-2022-2489HIGHCVSS 8.8v1.02022-07-20
CVE-2022-2489 [MEDIUM] CWE-89 CVE-2022-2489: A vulnerability was found in SourceCodester Simple E-Learning System 1.0. It has been rated as criti A vulnerability was found in SourceCodester Simple E-Learning System 1.0. It has been rated as critical. This issue affects some unknown processing of the file classRoom.php. The manipulation of the argument classCode with the input 1'||(SELECT 0x6770715a WHERE 8795=8795 AND (SELECT 8342 FROM(SELECT COUNT(*),CONCAT(0x7171786b71,(SELECT (ELT(8342=8342,1
nvd
CVE-2022-2396MEDIUMCVSS 5.4v1.02022-07-14
CVE-2022-2396 [LOW] CWE-79 CVE-2022-2396: A vulnerability classified as problematic was found in SourceCodester Simple e-Learning System 1.0. A vulnerability classified as problematic was found in SourceCodester Simple e-Learning System 1.0. Affected by this vulnerability is an unknown functionality of the file /vcs/claire_blake. The manipulation of the argument Bio with the input ">alert(document.cookie) leads to cross site scripting. The attack can be launched remotely. The exploit has been di
nvd