Vulnerabilities > Online Learning System Project > Online Learning System > 2.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-01-24 | CVE-2021-40596 | SQL Injection vulnerability in Online Learning System Project Online Learning System 2.0 SQL injection vulnerability in Login.php in sourcecodester Online Learning System v2 by oretnom23, allows attackers to execute arbitrary SQL commands via the faculty_id parameter. | 7.5 |
2021-11-15 | CVE-2021-42580 | SQL Injection vulnerability in Online Learning System Project Online Learning System 2.0 Sourcecodester Online Learning System 2.0 is vunlerable to sql injection authentication bypass in admin login file (/admin/login.php) and authenticated file upload in (Master.php) file , we can craft these two vunlerablities to get unauthenticated remote command execution. | 7.5 |