Vulnerabilities > CVE-2022-43319 - Unspecified vulnerability in Simple E-Learning System Project Simple E-Learning System 1.0

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

simple-e-learning-system-project

NVD

Published: 2022-11-07

Updated: 2024-11-21

Summary

An information disclosure vulnerability in the component vcs/downloadFiles.php?download=./search.php of Simple E-Learning System v1.0 allows attackers to read arbitrary files.

Vulnerable Configurations

Part	Description	Count
Application	Simple_E-Learning_System_Project Simple E Learning System Project Simple E Learning System 1.0	1

References

https://github.com/ImaizumiYui/bug_report/blob/main/vendors/oretnom23/Simple%20E-Learning%20System/discl1.md
https://github.com/ImaizumiYui/bug_report/blob/main/vendors/oretnom23/Simple%20E-Learning%20System/discl1.md