Shodan
Vulnerabilities
Vulnerable Software
Lopalopa:  >> E-Learning Management System  Security Vulnerabilities
CVE-2024-54938
A Directory Listing issue was found in Kashipara E-Learning Management System v1.0, which allows remote attackers to access sensitive files and directories via /admin/uploads.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-12-09
CVE-2024-54923
A SQL Injection vulnerability was found in /admin/edit_teacher.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the department parameter.
CVSS Score
9.8
EPSS Score
0.003
Published
2024-12-09
CVE-2024-54924
A SQL Injection was found in /admin/edit_content.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the title and content parameters.
CVSS Score
9.8
EPSS Score
0.003
Published
2024-12-09
CVE-2024-54925
A SQL Injection was found in /remove_sent_message.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the id parameter.
CVSS Score
9.8
EPSS Score
0.003
Published
2024-12-09
CVE-2024-54927
Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_users.php.
CVSS Score
7.2
EPSS Score
0.001
Published
2024-12-09
CVE-2024-54928
kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_teacher.php,
CVSS Score
7.2
EPSS Score
0.001
Published
2024-12-09
CVE-2024-54931
A SQL Injection was found in /admin/delete_event.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the id parameter.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-12-09
CVE-2024-54932
Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_department.php.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-12-09
CVE-2024-54934
Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_class.php.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-12-09
CVE-2024-54918
Kashipara E-learning Management System v1.0 is vulnerable to Remote Code Execution via File Upload in /teacher_avatar.php.
CVSS Score
9.8
EPSS Score
0.016
Published
2024-12-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved