Vulnerabilities > Efrontlearning

DATE	CVE	VULNERABILITY TITLE	RISK
2010-03-19	CVE-2010-1003	Path Traversal vulnerability in Efrontlearning Efront Directory traversal vulnerability in www/editor/tiny_mce/langs/language.php in eFront 3.5.x through 3.5.5 allows remote attackers to include and execute arbitrary local files via a .. network efrontlearning CWE-22	6.8
2009-10-11	CVE-2009-3660	Code Injection vulnerability in Efrontlearning Efront PHP remote file inclusion vulnerability in libraries/database.php in Efront 3.5.4 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. network efrontlearning CWE-94	6.8
2009-08-21	CVE-2008-7026	Permissions, Privileges, and Access Controls vulnerability in Efrontlearning Efront Unrestricted file upload vulnerability in filesystem3.class.php in eFront 3.5.1 build 2710 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension as an avatar, then accessing it via a direct request to the file in (1) student/avatars/ or (2) professor/avatars/. network efrontlearning CWE-264	6.8

Vulnerabilities > Efrontlearning {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Efrontlearning"}]}