E Learning System
by Dokeos
CVEs (20)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-4574 | Med | 0.41 | 6.3 | 0.00 | Mar 23, 2026 | A vulnerability was detected in SourceCodester Simple E-learning System 1.0. This vulnerability affects unknown code of the component User Profile Update Handler. The manipulation of the argument firstName results in sql injection. It is possible to launch the attack remotely.… | ||
| CVE-2026-4573 | Med | 0.41 | 6.3 | 0.00 | Mar 23, 2026 | A security vulnerability has been detected in SourceCodester Simple E-learning System 1.0. This affects an unknown part of the file /includes/form_handlers/delete_post.php of the component HTTP GET Parameter Handler. The manipulation of the argument post_id leads to sql… | ||
| CVE-2026-1154 | Med | 0.28 | 4.3 | 0.00 | Jan 19, 2026 | A flaw has been found in SourceCodester E-Learning System 1.0. This impacts an unknown function of the file /admin/modules/lesson/index.php of the component Lesson Module Handler. Executing a manipulation of the argument Title/Description can lead to basic cross site scripting.… | ||
| CVE-2008-3363 | 0.03 | — | 0.03 | Jul 30, 2008 | Directory traversal vulnerability in user_portal.php in the Dokeos E-Learning System 1.8.5 on Windows allows remote attackers to include and execute arbitrary local files via a ..\ (dot dot backslash) in the include parameter. | |||
| CVE-2008-0851 | 0.03 | — | 0.04 | Feb 21, 2008 | Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.4 allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter to inscription.php, (2) courseCode parameter to main/calendar/myagenda.php, (3) category parameter to… | |||
| CVE-2025-2687 | 0.00 | — | 0.00 | Mar 24, 2025 | A vulnerability classified as critical has been found in PHPGurukul eLearning System 1.0. Affected is an unknown function of the file /user/index.php of the component Image Handler. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The… | |||
| CVE-2025-1590 | 0.00 | — | 0.00 | Feb 23, 2025 | A vulnerability was found in SourceCodester E-Learning System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/modules/lesson/index.php of the component List of Lessons Page. The manipulation leads to unrestricted upload. It is possible… | |||
| CVE-2025-1589 | 0.00 | — | 0.00 | Feb 23, 2025 | A vulnerability was found in SourceCodester E-Learning System 1.0 and classified as problematic. This issue affects some unknown processing of the file /register.php of the component User Registration Handler. The manipulation leads to cross site scripting. The attack may be… | |||
| CVE-2024-3321 | 0.00 | — | 0.01 | Apr 5, 2024 | A vulnerability classified as problematic has been found in SourceCodester eLearning System 1.0. This affects an unknown part of the component Maintenance Module. The manipulation of the argument Subject Code/Description leads to cross site scripting. It is possible to initiate… | |||
| CVE-2022-43319 | 0.00 | — | 0.01 | Nov 7, 2022 | An information disclosure vulnerability in the component vcs/downloadFiles.php?download=./search.php of Simple E-Learning System v1.0 allows attackers to read arbitrary files. | |||
| CVE-2022-40872 | 0.00 | — | 0.01 | Oct 7, 2022 | An SQL injection vulnerability issue was discovered in Sourcecodester Simple E-Learning System 1.0., in /vcs/classRoom.php?classCode=, classCode. | |||
| CVE-2022-2704 | 0.00 | — | 0.01 | Aug 8, 2022 | A vulnerability was found in SourceCodester Simple E-Learning System. It has been declared as problematic. This vulnerability affects unknown code of the file downloadFiles.php. The manipulation of the argument download leads to information disclosure. The attack can be… | |||
| CVE-2022-2701 | 0.00 | — | 0.00 | Aug 8, 2022 | A vulnerability classified as problematic was found in SourceCodester Simple E-Learning System. This vulnerability affects unknown code of the file /claire_blake. The manipulation of the argument Bio leads to cross site scripting. The attack can be initiated remotely. The… | |||
| CVE-2022-2699 | 0.00 | — | 0.01 | Aug 8, 2022 | A vulnerability was found in SourceCodester Simple E-Learning System. It has been rated as critical. Affected by this issue is some unknown functionality of the file /claire_blake. The manipulation of the argument phoneNumber leads to sql injection. The attack may be launched… | |||
| CVE-2022-2698 | 0.00 | — | 0.01 | Aug 7, 2022 | A vulnerability was found in SourceCodester Simple E-Learning System. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file search.php. The manipulation of the argument searchPost leads to sql injection. The attack can be… | |||
| CVE-2022-2697 | 0.00 | — | 0.01 | Aug 7, 2022 | A vulnerability was found in SourceCodester Simple E-Learning System. It has been classified as critical. Affected is an unknown function of the file comment_frame.php. The manipulation of the argument post_id leads to sql injection. It is possible to launch the attack remotely.… | |||
| CVE-2022-2665 | 0.00 | — | 0.00 | Aug 5, 2022 | A vulnerability classified as critical was found in SourceCodester Simple E-Learning System. Affected by this vulnerability is an unknown functionality of the file classroom.php. The manipulation of the argument post_id leads to sql injection. The attack can be launched… | |||
| CVE-2022-2490 | 0.00 | — | 0.01 | Jul 20, 2022 | A vulnerability classified as critical has been found in SourceCodester Simple E-Learning System 1.0. Affected is an unknown function of the file search.php. The manipulation of the argument classCode with the input 1'||(SELECT 0x74666264 WHERE 5610=5610 AND (SELECT 7504… | |||
| CVE-2022-2489 | 0.00 | — | 0.01 | Jul 20, 2022 | A vulnerability was found in SourceCodester Simple E-Learning System 1.0. It has been rated as critical. This issue affects some unknown processing of the file classRoom.php. The manipulation of the argument classCode with the input 1'||(SELECT 0x6770715a WHERE 8795=8795 AND… | |||
| CVE-2022-2396 | 0.00 | — | 0.00 | Jul 14, 2022 | A vulnerability classified as problematic was found in SourceCodester Simple e-Learning System 1.0. Affected by this vulnerability is an unknown functionality of the file /vcs/claire_blake. The manipulation of the argument Bio with the input… |
- risk 0.41cvss 6.3epss 0.00
A vulnerability was detected in SourceCodester Simple E-learning System 1.0. This vulnerability affects unknown code of the component User Profile Update Handler. The manipulation of the argument firstName results in sql injection. It is possible to launch the attack remotely.…
- risk 0.41cvss 6.3epss 0.00
A security vulnerability has been detected in SourceCodester Simple E-learning System 1.0. This affects an unknown part of the file /includes/form_handlers/delete_post.php of the component HTTP GET Parameter Handler. The manipulation of the argument post_id leads to sql…
- risk 0.28cvss 4.3epss 0.00
A flaw has been found in SourceCodester E-Learning System 1.0. This impacts an unknown function of the file /admin/modules/lesson/index.php of the component Lesson Module Handler. Executing a manipulation of the argument Title/Description can lead to basic cross site scripting.…
- CVE-2008-3363Jul 30, 2008risk 0.03cvss —epss 0.03
Directory traversal vulnerability in user_portal.php in the Dokeos E-Learning System 1.8.5 on Windows allows remote attackers to include and execute arbitrary local files via a ..\ (dot dot backslash) in the include parameter.
- CVE-2008-0851Feb 21, 2008risk 0.03cvss —epss 0.04
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.4 allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter to inscription.php, (2) courseCode parameter to main/calendar/myagenda.php, (3) category parameter to…
- CVE-2025-2687Mar 24, 2025risk 0.00cvss —epss 0.00
A vulnerability classified as critical has been found in PHPGurukul eLearning System 1.0. Affected is an unknown function of the file /user/index.php of the component Image Handler. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The…
- CVE-2025-1590Feb 23, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in SourceCodester E-Learning System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/modules/lesson/index.php of the component List of Lessons Page. The manipulation leads to unrestricted upload. It is possible…
- CVE-2025-1589Feb 23, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in SourceCodester E-Learning System 1.0 and classified as problematic. This issue affects some unknown processing of the file /register.php of the component User Registration Handler. The manipulation leads to cross site scripting. The attack may be…
- CVE-2024-3321Apr 5, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as problematic has been found in SourceCodester eLearning System 1.0. This affects an unknown part of the component Maintenance Module. The manipulation of the argument Subject Code/Description leads to cross site scripting. It is possible to initiate…
- CVE-2022-43319Nov 7, 2022risk 0.00cvss —epss 0.01
An information disclosure vulnerability in the component vcs/downloadFiles.php?download=./search.php of Simple E-Learning System v1.0 allows attackers to read arbitrary files.
- CVE-2022-40872Oct 7, 2022risk 0.00cvss —epss 0.01
An SQL injection vulnerability issue was discovered in Sourcecodester Simple E-Learning System 1.0., in /vcs/classRoom.php?classCode=, classCode.
- CVE-2022-2704Aug 8, 2022risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Simple E-Learning System. It has been declared as problematic. This vulnerability affects unknown code of the file downloadFiles.php. The manipulation of the argument download leads to information disclosure. The attack can be…
- CVE-2022-2701Aug 8, 2022risk 0.00cvss —epss 0.00
A vulnerability classified as problematic was found in SourceCodester Simple E-Learning System. This vulnerability affects unknown code of the file /claire_blake. The manipulation of the argument Bio leads to cross site scripting. The attack can be initiated remotely. The…
- CVE-2022-2699Aug 8, 2022risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Simple E-Learning System. It has been rated as critical. Affected by this issue is some unknown functionality of the file /claire_blake. The manipulation of the argument phoneNumber leads to sql injection. The attack may be launched…
- CVE-2022-2698Aug 7, 2022risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Simple E-Learning System. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file search.php. The manipulation of the argument searchPost leads to sql injection. The attack can be…
- CVE-2022-2697Aug 7, 2022risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Simple E-Learning System. It has been classified as critical. Affected is an unknown function of the file comment_frame.php. The manipulation of the argument post_id leads to sql injection. It is possible to launch the attack remotely.…
- CVE-2022-2665Aug 5, 2022risk 0.00cvss —epss 0.00
A vulnerability classified as critical was found in SourceCodester Simple E-Learning System. Affected by this vulnerability is an unknown functionality of the file classroom.php. The manipulation of the argument post_id leads to sql injection. The attack can be launched…
- CVE-2022-2490Jul 20, 2022risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in SourceCodester Simple E-Learning System 1.0. Affected is an unknown function of the file search.php. The manipulation of the argument classCode with the input 1'||(SELECT 0x74666264 WHERE 5610=5610 AND (SELECT 7504…
- CVE-2022-2489Jul 20, 2022risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Simple E-Learning System 1.0. It has been rated as critical. This issue affects some unknown processing of the file classRoom.php. The manipulation of the argument classCode with the input 1'||(SELECT 0x6770715a WHERE 8795=8795 AND…
- CVE-2022-2396Jul 14, 2022risk 0.00cvss —epss 0.00
A vulnerability classified as problematic was found in SourceCodester Simple e-Learning System 1.0. Affected by this vulnerability is an unknown functionality of the file /vcs/claire_blake. The manipulation of the argument Bio with the input…