Vulnerabilities > Creativeitem
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-02-03 | CVE-2022-47131 | Cross-site Scripting vulnerability in Creativeitem Academy LMS A Cross-Site Request Forgery (CSRF) in Academy LMS before v5.10 allows an attacker to arbitrarily create a page. | 4.8 |
2023-02-03 | CVE-2022-47132 | Cross-Site Request Forgery (CSRF) vulnerability in Creativeitem Academy LMS A Cross-Site Request Forgery (CSRF) in Academy LMS before v5.10 allows attackers to arbitrarily add Administrator users. | 8.8 |
2022-09-26 | CVE-2022-38553 | Cross-site Scripting vulnerability in Creativeitem Academy Learning Management System Academy Learning Management System before v5.9.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the Search parameter. | 6.1 |
2022-05-25 | CVE-2022-29380 | Cross-site Scripting vulnerability in Creativeitem Academy LMS 4.3 Academy-LMS v4.3 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the SEO panel. | 4.8 |
2020-11-04 | CVE-2020-22273 | Cross-Site Request Forgery (CSRF) vulnerability in Creativeitem Neoflex Video Subscription System 2.0 Neoflex Video Subscription System Version 2.0 is affected by CSRF which allows the Website's Settings to be changed (such as Payment Settings) | 6.5 |
2018-10-19 | CVE-2018-18417 | Cross-site Scripting vulnerability in Creativeitem Ekushey Project Manager 3.1 In the 3.1 version of Ekushey Project Manager CRM, Stored XSS has been discovered in the input and upload sections, as demonstrated by the name parameter to the index.php/admin/client/create URI. | 5.4 |