Show filters
6 Total Results
Displaying 1-6 of 6
Sort by:
Attacker Value
Unknown

CVE-2024-38701

Disclosure Date: July 22, 2024 (last updated August 15, 2024)
Authorization Bypass Through User-Controlled Key vulnerability in Academy LMS.This issue affects Academy LMS: from n/a through 2.0.4.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-37234

Disclosure Date: July 06, 2024 (last updated July 06, 2024)
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Kodezen Limited Academy LMS.This issue affects Academy LMS: from n/a through 2.0.4.
0
0
Attacker Value
Unknown

CVE-2024-32714

Disclosure Date: June 09, 2024 (last updated January 30, 2025)
Missing Authorization vulnerability in Academy LMS academy.This issue affects Academy LMS: from n/a through 1.9.16.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-35171

Disclosure Date: May 14, 2024 (last updated January 28, 2025)
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Academy LMS academy.This issue affects Academy LMS: from n/a through 1.9.25.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-33912

Disclosure Date: May 06, 2024 (last updated February 04, 2025)
Missing Authorization vulnerability in Academy LMS.This issue affects Academy LMS: from n/a through 1.9.16.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-1505

Disclosure Date: March 13, 2024 (last updated January 23, 2025)
The Academy LMS – eLearning and online course solution for WordPress plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.9.19. This is due to plugin allowing arbitrary user meta updates through the saved_user_info() function. This makes it possible for authenticated attackers, with minimal permissions such as students, to elevate their user role to that of an administrator.
0
0