Creativeitem: Security Vulnerabilities
A Cross-Site Request Forgery (CSRF) in Academy LMS before v5.10 allows an attacker to arbitrarily create a page.
CVSS Score
4.8
EPSS Score
0.004
Published
2023-02-03
Academy Learning Management System before v5.9.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the Search parameter.
CVSS Score
6.1
EPSS Score
0.079
Published
2022-09-26
Academy-LMS v4.3 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the SEO panel.
CVSS Score
4.8
EPSS Score
0.003
Published
2022-05-25
Neoflex Video Subscription System Version 2.0 is affected by CSRF which allows the Website's Settings to be changed (such as Payment Settings)
CVSS Score
6.5
EPSS Score
0.001
Published
2020-11-04
In the 3.1 version of Ekushey Project Manager CRM, Stored XSS has been discovered in the input and upload sections, as demonstrated by the name parameter to the index.php/admin/client/create URI.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-10-19
Page 3