Search Results | AttackerKB

Show filters

Topics 338 Users 9,714

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

338 Total Results

Displaying 11-20 of 338

Attacker Value

Unknown

CVE-2025-22334

Disclosure Date: January 07, 2025 (last updated January 08, 2025)

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FilaThemes Education LMS allows Stored XSS.This issue affects Education LMS: from n/a through 0.0.7.

0

Attacker Value

Unknown

CVE-2024-37093

Disclosure Date: January 02, 2025 (last updated January 23, 2025)

Cross-Site Request Forgery (CSRF) vulnerability in StylemixThemes MasterStudy LMS allows Cross Site Request Forgery.This issue affects MasterStudy LMS: from n/a through 3.2.1.

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2024-56045

Disclosure Date: December 31, 2024 (last updated January 02, 2025)

Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows Path Traversal.This issue affects WPLMS: from n/a before 1.9.9.5.

0

Attacker Value

Unknown

CVE-2024-56044

Disclosure Date: December 31, 2024 (last updated January 02, 2025)

Authentication Bypass Using an Alternate Path or Channel vulnerability in VibeThemes WPLMS allows Authentication Bypass.This issue affects WPLMS: from n/a through 1.9.9.

0

Attacker Value

Unknown

CVE-2024-56043

Disclosure Date: December 31, 2024 (last updated January 02, 2025)

Incorrect Privilege Assignment vulnerability in VibeThemes WPLMS allows Privilege Escalation.This issue affects WPLMS: from n/a through 1.9.9.

0

Attacker Value

Unknown

CVE-2024-56046

Disclosure Date: December 31, 2024 (last updated January 02, 2025)

Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a through 1.9.9.

0

Attacker Value

Unknown

CVE-2024-56042

Disclosure Date: December 31, 2024 (last updated January 02, 2025)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VibeThemes WPLMS allows SQL Injection.This issue affects WPLMS: from n/a before 1.9.9.5.3.

0

Attacker Value

Unknown

CVE-2024-56057

Disclosure Date: December 18, 2024 (last updated December 19, 2024)

Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a before 1.9.9.5.2.

0

Attacker Value

Unknown

CVE-2024-56055

Disclosure Date: December 18, 2024 (last updated December 19, 2024)

Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows Path Traversal.This issue affects WPLMS: from n/a before 1.9.9.5.2.

0

Attacker Value

Unknown

CVE-2024-56054

Disclosure Date: December 18, 2024 (last updated December 19, 2024)

Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a before 1.9.9.5.2.

0