Lopalopa E-learning Management System — known CVE vulnerabilities
Every CVE whose affected-product data names Lopalopa E-learning Management System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (41)
CVE-2024-50823 — CVSS 9.8 (critical): A SQL Injection vulnerability was found in /admin/login.php in kashipara E-learning Management System Project 1.0 via the username and…
CVE-2024-50833 — CVSS 9.8 (critical): A SQL Injection vulnerability was found in /login.php in KASHIPARA E-learning Management System Project 1.0 via the username and password…
CVE-2024-54918 — CVSS 9.8 (critical): Kashipara E-learning Management System v1.0 is vulnerable to Remote Code Execution via File Upload in /teacher_avatar.php.
CVE-2024-54920 — CVSS 9.8 (critical): A SQL Injection vulnerability was found in /teacher_signup.php of kashipara E-learning Management System v1.0, which allows remote…
CVE-2024-54921 — CVSS 9.8 (critical): A SQL Injection was found in /student_signup.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute…
CVE-2024-54923 — CVSS 9.8 (critical): A SQL Injection vulnerability was found in /admin/edit_teacher.php in kashipara E-learning Management System v1.0, which allows remote…
CVE-2024-54924 — CVSS 9.8 (critical): A SQL Injection was found in /admin/edit_content.php in kashipara E-learning Management System v1.0, which allows remote attackers to…
CVE-2024-54925 — CVSS 9.8 (critical): A SQL Injection was found in /remove_sent_message.php in kashipara E-learning Management System v1.0, which allows remote attackers to…
CVE-2024-54931 — CVSS 9.8 (critical): A SQL Injection was found in /admin/delete_event.php in kashipara E-learning Management System v1.0, which allows remote attackers to…
CVE-2024-54932 — CVSS 9.8 (critical): Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_department.php.
CVE-2024-54926 — CVSS 8.8 (high): A SQL Injection vulnerability was found in /search_class.php of kashipara E-learning Management System v1.0, which allows remote attackers…
CVE-2024-54938 — CVSS 7.5 (high): A Directory Listing issue was found in Kashipara E-Learning Management System v1.0, which allows remote attackers to access sensitive files…
CVE-2024-54929 — CVSS 7.2 (high): KASHIPARA E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_subject.php.
CVE-2024-50835 — CVSS 7.2 (high): A SQL Injection vulnerability was found in /admin/edit_student.php in KASHIPARA E-learning Management System Project 1.0 via the cys, un…
CVE-2024-54928 — CVSS 7.2 (high): kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_teacher.php,
CVE-2024-50824 — CVSS 7.2 (high): A SQL Injection vulnerability was found in /admin/class.php in kashipara E-learning Management System Project 1.0 via the class_name…
CVE-2024-50825 — CVSS 7.2 (high): A SQL Injection vulnerability was found in /admin/school_year.php in kashipara E-learning Management System Project 1.0 via the school_year…
CVE-2024-50826 — CVSS 7.2 (high): A SQL Injection vulnerability was found in /admin/add_content.php in kashipara E-learning Management System Project 1.0 via the title and…
CVE-2024-50827 — CVSS 7.2 (high): A SQL Injection vulnerability was found in /admin/add_subject.php in kashipara E-learning Management System Project 1.0 via the…
CVE-2024-50828 — CVSS 7.2 (high): A SQL Injection vulnerability was found in /admin/edit_department.php in kashipara E-learning Management System Project 1.0 via the d…
CVE-2024-50829 — CVSS 7.2 (high): A SQL Injection vulnerability was found in /admin/edit_subject.php in kashipara E-learning Management System Project 1.0 via the unit…
CVE-2024-50830 — CVSS 7.2 (high): A SQL Injection vulnerability was found in /admin/calendar_of_events.php in kashipara E-learning Management System Project 1.0 via the…
CVE-2024-50831 — CVSS 7.2 (high): A SQL Injection was found in /admin/admin_user.php in kashipara E-learning Management System Project 1.0 via the username and password…
CVE-2024-50832 — CVSS 7.2 (high): A SQL Injection vulnerability was found in /admin/edit_class.php in kashipara E-learning Management System Project 1.0 via the class_name…
CVE-2024-50834 — CVSS 7.2 (high): A SQL Injection was found in /admin/teachers.php in KASHIPARA E-learning Management System Project 1.0 via the firstname and lastname…
CVE-2024-54930 — CVSS 7.2 (high): Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_student.php.
CVE-2024-54922 — CVSS 7.2 (high): A SQL Injection was found in /admin/edit_user.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute…
CVE-2024-54933 — CVSS 7.2 (high): Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_content.php.
CVE-2024-54927 — CVSS 7.2 (high): Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_users.php.
CVE-2024-50838 — CVSS 5.4 (medium): A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/department.php in KASHIPARA E-learning Management System Project 1.0…
CVE-2024-50839 — CVSS 5.4 (medium): A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/add_subject.php in KASHIPARA E-learning Management System Project…
CVE-2024-50840 — CVSS 5.4 (medium): A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/class.php in KASHIPARA E-learning Management System Project 1.0. This…
CVE-2024-50841 — CVSS 5.4 (medium): A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/calendar_of_events.php in KASHIPARA E-learning Management System…
CVE-2024-50842 — CVSS 5.4 (medium): A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/school_year.php in KASHIPARA E-learning Management System Project…
CVE-2024-50837 — CVSS 5.4 (medium): A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/admin_user.php in KASHIPARA E-learning Management System Project 1.0…
CVE-2024-54919 — CVSS 5.4 (medium): A Stored Cross Site Scripting (XSS ) was found in /teacher_avatar.php of kashipara E-learning Management System v1.0. This vulnerability…
CVE-2024-54936 — CVSS 5.4 (medium): A Stored Cross-Site Scripting (XSS) vulnerability was found in /send_message.php of Kashipara E-learning Management System v1.0. This…
CVE-2024-54935 — CVSS 5.4 (medium): A Stored Cross-Site Scripting (XSS) vulnerability was found in /send_message_teacher_to_student.php of kashipara E-learning Management…
CVE-2024-54937 — CVSS 5.3 (medium): A Directory Listing issue was found in Kashipara E-Learning Management System v1.0, which allows remote attackers to access sensitive files…
CVE-2024-50836 — CVSS 4.8 (medium): A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/teachers.php in KASHIPARA E-learning Management System Project 1.0…