Vulnerabilities > Online Learning System Project > Online Learning System > 2.0

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-24	CVE-2021-40596	SQL Injection vulnerability in Online Learning System Project Online Learning System 2.0 SQL injection vulnerability in Login.php in sourcecodester Online Learning System v2 by oretnom23, allows attackers to execute arbitrary SQL commands via the faculty_id parameter. network low complexity online-learning-system-project CWE-89	7.5
2021-11-15	CVE-2021-42580	SQL Injection vulnerability in Online Learning System Project Online Learning System 2.0 Sourcecodester Online Learning System 2.0 is vunlerable to sql injection authentication bypass in admin login file (/admin/login.php) and authenticated file upload in (Master.php) file , we can craft these two vunlerablities to get unauthenticated remote command execution. network low complexity online-learning-system-project CWE-89	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.