VYPR

Markus

by MarkUsProject

CVEs (3)

  • CVE-2024-51743HigNov 18, 2024
    risk 0.00cvss 8.8epss 0.01

    MarkUs is a web application for the submission and grading of student assignments. In versions prior to 2.4.8, an arbitrary file write vulnerability in the update/upload/create file methods in Controllers allows authenticated instructors to write arbitrary files to any location…

  • CVE-2024-51499HigNov 18, 2024
    risk 0.00cvss 8.8epss 0.01

    MarkUs is a web application for the submission and grading of student assignments. In versions prior to 2.4.8, an arbitrary file write vulnerability accessible via the update_files method of the SubmissionsController allows authenticated users (e.g. students) to write arbitrary…

  • CVE-2024-47820MedNov 18, 2024
    risk 0.00cvss 5.7epss 0.01

    MarkUs, a web application for the submission and grading of student assignments, is vulnerable to path traversal in versions prior to 2.4.8. Authenticated instructors may download any file on the web server MarkUs is running on, depending on the file permissions. MarkUs v2.4.8…