Vulnerabilities > Ideaco

DATE CVE VULNERABILITY TITLE RISK
2022-06-23 CVE-2022-31787 SQL Injection vulnerability in Ideaco Ideatms 2022
IdeaTMS 2022 is vulnerable to SQL Injection via the PATH_INFO
network
low complexity
ideaco CWE-89
critical
9.8
2022-06-21 CVE-2022-31786 Cross-site Scripting vulnerability in Ideaco Idealms 2022
IdeaLMS 2022 allows reflected Cross Site Scripting (XSS) via the IdeaLMS/Class/Assessment/ PATH_INFO.
network
low complexity
ideaco CWE-79
6.1
2022-06-10 CVE-2022-31788 SQL Injection vulnerability in Ideaco Idealms 2022
IdeaLMS 2022 allows SQL injection via the IdeaLMS/ChatRoom/ClassAccessControl/6?isBigBlueButton=0&ClassID= pathname.
network
low complexity
ideaco CWE-89
critical
9.8