Vulnerabilities > Efrontlearning

DATE	CVE	VULNERABILITY TITLE	RISK
2018-02-05	CVE-2015-4461	Path Traversal vulnerability in Efrontlearning Efront Absolute path traversal vulnerability in eFront CMS 3.6.15.4 and earlier allows remote Professor users to obtain sensitive information via a full pathname in the other parameter. network low complexity efrontlearning CWE-22	6.5
2017-07-25	CVE-2015-4463	Unrestricted Upload of File with Dangerous Type vulnerability in Efrontlearning Efront The file_manager component in eFront CMS before 3.6.15.5 allows remote authenticated users to bypass intended file-upload restrictions by appending a crafted parameter to the file URL. network low complexity efrontlearning CWE-434	6.5
2017-07-25	CVE-2015-4462	Unrestricted Upload of File with Dangerous Type vulnerability in Efrontlearning Efront Absolute path traversal vulnerability in the file_manager component of eFront CMS before 3.6.15.5 allows remote authenticated users to read arbitrary files via a full pathname in the "Upload file from url" field in the file manager for professor.php. network low complexity efrontlearning CWE-434	6.5

Vulnerabilities > Efrontlearning {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Efrontlearning"}]}