Vulnerability-Lookup

Search criteria

Vendor

Product

Assigner

Sources

Sort by

Order

CVE-2021-44266 (GCVE-0-2021-44266)

Vulnerability from nvd – Published: 2022-06-11 14:50 – Updated: 2024-08-04 04:17

Summary

GUnet Open eClass (aka openeclass) before 3.12.2 allows XSS via the modules/auth/formuser.php auth parameter.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	https://hg.gunet.gr/openeclass/rev/e0ed11f5768d	x_refsource_MISC
	https://docs.openeclass.org/el/current#%CE%AD%CE%…	x_refsource_MISC
	https://emaragkos.gr/cve-2021-44266/	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T04:17:24.938Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://hg.gunet.gr/openeclass/rev/e0ed11f5768d"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://docs.openeclass.org/el/current#%CE%AD%CE%BA%CE%B4%CE%BF%CF%83%CE%B7_3122"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://emaragkos.gr/cve-2021-44266/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "GUnet Open eClass (aka openeclass) before 3.12.2 allows XSS via the modules/auth/formuser.php auth parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-06-11T14:52:17",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://hg.gunet.gr/openeclass/rev/e0ed11f5768d"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://docs.openeclass.org/el/current#%CE%AD%CE%BA%CE%B4%CE%BF%CF%83%CE%B7_3122"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://emaragkos.gr/cve-2021-44266/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2021-44266",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "GUnet Open eClass (aka openeclass) before 3.12.2 allows XSS via the modules/auth/formuser.php auth parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://hg.gunet.gr/openeclass/rev/e0ed11f5768d",
              "refsource": "MISC",
              "url": "https://hg.gunet.gr/openeclass/rev/e0ed11f5768d"
            },
            {
              "name": "https://docs.openeclass.org/el/current#%CE%AD%CE%BA%CE%B4%CE%BF%CF%83%CE%B7_3122",
              "refsource": "MISC",
              "url": "https://docs.openeclass.org/el/current#%CE%AD%CE%BA%CE%B4%CE%BF%CF%83%CE%B7_3122"
            },
            {
              "name": "https://emaragkos.gr/cve-2021-44266/",
              "refsource": "MISC",
              "url": "https://emaragkos.gr/cve-2021-44266/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2021-44266",
    "datePublished": "2022-06-11T14:50:50",
    "dateReserved": "2021-11-29T00:00:00",
    "dateUpdated": "2024-08-04T04:17:24.938Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-24381 (GCVE-0-2020-24381)

Vulnerability from nvd – Published: 2020-08-19 11:50 – Updated: 2024-08-04 15:12

Summary

GUnet Open eClass Platform (aka openeclass) before 3.11 might allow remote attackers to read students' submitted assessments because it does not ensure that the web server blocks directory listings, and the data directory is inside the web root by default.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	https://emaragkos.gr/cve-2020-24381/	x_refsource_MISC
	https://github.com/gunet/openeclass/issues/39	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T15:12:08.739Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://emaragkos.gr/cve-2020-24381/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/gunet/openeclass/issues/39"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "GUnet Open eClass Platform (aka openeclass) before 3.11 might allow remote attackers to read students\u0027 submitted assessments because it does not ensure that the web server blocks directory listings, and the data directory is inside the web root by default."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-10T03:03:39",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://emaragkos.gr/cve-2020-24381/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/gunet/openeclass/issues/39"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-24381",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "GUnet Open eClass Platform (aka openeclass) before 3.11 might allow remote attackers to read students\u0027 submitted assessments because it does not ensure that the web server blocks directory listings, and the data directory is inside the web root by default."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://emaragkos.gr/cve-2020-24381/",
              "refsource": "MISC",
              "url": "https://emaragkos.gr/cve-2020-24381/"
            },
            {
              "name": "https://github.com/gunet/openeclass/issues/39",
              "refsource": "CONFIRM",
              "url": "https://github.com/gunet/openeclass/issues/39"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-24381",
    "datePublished": "2020-08-19T11:50:17",
    "dateReserved": "2020-08-17T00:00:00",
    "dateUpdated": "2024-08-04T15:12:08.739Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-44266 (GCVE-0-2021-44266)

Vulnerability from cvelistv5 – Published: 2022-06-11 14:50 – Updated: 2024-08-04 04:17

Summary

GUnet Open eClass (aka openeclass) before 3.12.2 allows XSS via the modules/auth/formuser.php auth parameter.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	https://hg.gunet.gr/openeclass/rev/e0ed11f5768d	x_refsource_MISC
	https://docs.openeclass.org/el/current#%CE%AD%CE%…	x_refsource_MISC
	https://emaragkos.gr/cve-2021-44266/	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T04:17:24.938Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://hg.gunet.gr/openeclass/rev/e0ed11f5768d"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://docs.openeclass.org/el/current#%CE%AD%CE%BA%CE%B4%CE%BF%CF%83%CE%B7_3122"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://emaragkos.gr/cve-2021-44266/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "GUnet Open eClass (aka openeclass) before 3.12.2 allows XSS via the modules/auth/formuser.php auth parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-06-11T14:52:17",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://hg.gunet.gr/openeclass/rev/e0ed11f5768d"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://docs.openeclass.org/el/current#%CE%AD%CE%BA%CE%B4%CE%BF%CF%83%CE%B7_3122"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://emaragkos.gr/cve-2021-44266/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2021-44266",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "GUnet Open eClass (aka openeclass) before 3.12.2 allows XSS via the modules/auth/formuser.php auth parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://hg.gunet.gr/openeclass/rev/e0ed11f5768d",
              "refsource": "MISC",
              "url": "https://hg.gunet.gr/openeclass/rev/e0ed11f5768d"
            },
            {
              "name": "https://docs.openeclass.org/el/current#%CE%AD%CE%BA%CE%B4%CE%BF%CF%83%CE%B7_3122",
              "refsource": "MISC",
              "url": "https://docs.openeclass.org/el/current#%CE%AD%CE%BA%CE%B4%CE%BF%CF%83%CE%B7_3122"
            },
            {
              "name": "https://emaragkos.gr/cve-2021-44266/",
              "refsource": "MISC",
              "url": "https://emaragkos.gr/cve-2021-44266/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2021-44266",
    "datePublished": "2022-06-11T14:50:50",
    "dateReserved": "2021-11-29T00:00:00",
    "dateUpdated": "2024-08-04T04:17:24.938Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-24381 (GCVE-0-2020-24381)

Vulnerability from cvelistv5 – Published: 2020-08-19 11:50 – Updated: 2024-08-04 15:12

Summary

GUnet Open eClass Platform (aka openeclass) before 3.11 might allow remote attackers to read students' submitted assessments because it does not ensure that the web server blocks directory listings, and the data directory is inside the web root by default.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	https://emaragkos.gr/cve-2020-24381/	x_refsource_MISC
	https://github.com/gunet/openeclass/issues/39	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T15:12:08.739Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://emaragkos.gr/cve-2020-24381/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/gunet/openeclass/issues/39"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "GUnet Open eClass Platform (aka openeclass) before 3.11 might allow remote attackers to read students\u0027 submitted assessments because it does not ensure that the web server blocks directory listings, and the data directory is inside the web root by default."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-10T03:03:39",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://emaragkos.gr/cve-2020-24381/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/gunet/openeclass/issues/39"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-24381",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "GUnet Open eClass Platform (aka openeclass) before 3.11 might allow remote attackers to read students\u0027 submitted assessments because it does not ensure that the web server blocks directory listings, and the data directory is inside the web root by default."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://emaragkos.gr/cve-2020-24381/",
              "refsource": "MISC",
              "url": "https://emaragkos.gr/cve-2020-24381/"
            },
            {
              "name": "https://github.com/gunet/openeclass/issues/39",
              "refsource": "CONFIRM",
              "url": "https://github.com/gunet/openeclass/issues/39"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-24381",
    "datePublished": "2020-08-19T11:50:17",
    "dateReserved": "2020-08-17T00:00:00",
    "dateUpdated": "2024-08-04T15:12:08.739Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Search criteria

4 vulnerabilities found for open_eclass_platform by gunet

CVE-2021-44266 (GCVE-0-2021-44266)

CVE-2020-24381 (GCVE-0-2020-24381)

CVE-2021-44266 (GCVE-0-2021-44266)

CVE-2020-24381 (GCVE-0-2020-24381)