Vulnerabilities > Lopalopa > E Learning Management System > High

DATE CVE VULNERABILITY TITLE RISK
2024-12-09 CVE-2024-54922 SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0
A SQL Injection was found in /admin/edit_user.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the firstname, lastname, and username parameters.
network
low complexity
lopalopa CWE-89
7.2
7.2
2024-12-09 CVE-2024-54930 SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0
Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_student.php.
network
low complexity
lopalopa CWE-89
7.2
7.2
2024-12-09 CVE-2024-54933 SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0
Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_content.php.
network
low complexity
lopalopa CWE-89
7.2
7.2
2024-12-09 CVE-2024-54926 SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0
A SQL Injection vulnerability was found in /search_class.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the school_year parameter.
network
low complexity
lopalopa CWE-89
8.8
8.8
2024-12-09 CVE-2024-54929 SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0
KASHIPARA E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_subject.php.
network
low complexity
lopalopa CWE-89
7.2
7.2
2024-11-14 CVE-2024-50824 SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0
A SQL Injection vulnerability was found in /admin/class.php in kashipara E-learning Management System Project 1.0 via the class_name parameter.
network
low complexity
lopalopa CWE-89
7.2
7.2
2024-11-14 CVE-2024-50825 SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0
A SQL Injection vulnerability was found in /admin/school_year.php in kashipara E-learning Management System Project 1.0 via the school_year parameter.
network
low complexity
lopalopa CWE-89
7.2
7.2
2024-11-14 CVE-2024-50826 SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0
A SQL Injection vulnerability was found in /admin/add_content.php in kashipara E-learning Management System Project 1.0 via the title and content parameters.
network
low complexity
lopalopa CWE-89
7.2
7.2
2024-11-14 CVE-2024-50827 SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0
A SQL Injection vulnerability was found in /admin/add_subject.php in kashipara E-learning Management System Project 1.0 via the subject_code parameter.
network
low complexity
lopalopa CWE-89
7.2
7.2
2024-11-14 CVE-2024-50828 SQL Injection vulnerability in Lopalopa E-Learning Management System 1.0
A SQL Injection vulnerability was found in /admin/edit_department.php in kashipara E-learning Management System Project 1.0 via the d parameter.
network
low complexity
lopalopa CWE-89
7.2
7.2