Filtered by vendor Formalms
Subscribe
Total
14 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-41680 | 1 Formalms | 1 Formalms | 2022-11-01 | N/A | 6.5 MEDIUM |
Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL injection vulnerability. The exploitation of this vulnerability could allow an authenticated attacker (with the role of student) to perform a SQL injection on the 'search[value] parameter in the appLms/ajax.server.php?r=mycertificate/getMyCertificates' function in order to dump the entire database. | |||||
CVE-2022-42923 | 1 Formalms | 1 Formalms | 2022-11-01 | N/A | 8.8 HIGH |
Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL injection vulnerability. The exploitation of this vulnerability could allow an authenticated attacker (with the role of student) to perform a SQL injection on the 'id' parameter in the 'appCore/index.php?r=adm/mediagallery/delete' function in order to dump the entire database or delete all contents from the 'core_user_file' table. | |||||
CVE-2022-41681 | 1 Formalms | 1 Formalms | 2022-11-01 | N/A | 8.8 HIGH |
There is a vulnerability on Forma LMS version 3.1.0 and earlier that could allow an authenticated attacker (with the role of student) to privilege escalate in order to upload a Zip file through the SCORM importer feature. The exploitation of this vulnerability could lead to a remote code injection. | |||||
CVE-2022-41679 | 1 Formalms | 1 Formalms | 2022-11-01 | N/A | 6.1 MEDIUM |
Forma LMS version 3.1.0 and earlier are affected by an Cross-Site scripting vulnerability, that could allow a remote attacker to inject javascript code on the “back_url” parameter in appLms/index.php?modname=faq&op=play function. The exploitation of this vulnerability could allow an attacker to steal the user´s cookies in order to log in to the application. | |||||
CVE-2022-42924 | 1 Formalms | 1 Formalms | 2022-11-01 | N/A | 6.5 MEDIUM |
Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL injection vulnerability. The exploitation of this vulnerability could allow an authenticated attacker (with the role of student) to perform a SQL injection on the 'dyn_filter' parameter in the 'appLms/ajax.adm_server.php?r=widget/userselector/getusertabledata' function in order to dump the entire database. | |||||
CVE-2022-42925 | 1 Formalms | 1 Formalms | 2022-11-01 | N/A | 8.8 HIGH |
There is a vulnerability on Forma LMS version 3.1.0 and earlier that could allow an authenticated attacker (with the role of student) to privilege escalate in order to upload a Zip file through the plugin upload component. The exploitation of this vulnerability could lead to a remote code injection. | |||||
CVE-2019-5109 | 1 Formalms | 1 Formalms | 2022-07-17 | 6.5 MEDIUM | 8.8 HIGH |
Exploitable SQL injection vulnerabilities exists in the authenticated portion of Forma LMS 2.2.1. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing exfiltration of the database, user credentials and, in certain configurations, access the underlying operating system. | |||||
CVE-2019-5110 | 1 Formalms | 1 Formalms | 2022-07-17 | 6.5 MEDIUM | 8.8 HIGH |
Exploitable SQL injection vulnerabilities exist in the authenticated portion of Forma LMS 2.2.1. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing exfiltration of the database, user credentials and, in certain configurations, access the underlying operating system. | |||||
CVE-2019-5111 | 1 Formalms | 1 Formalms | 2022-07-17 | 6.5 MEDIUM | 8.8 HIGH |
Exploitable SQL injection vulnerability exists in the authenticated portion of Forma LMS 2.2.1. The /appLms/ajax.server.php URL and parameter filter_cat was confirmed to suffer from SQL injections and could be exploited by authenticated attackers. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing exfiltration of the database, user credentials and, in certain configurations, access the underlying operating system. | |||||
CVE-2019-5112 | 1 Formalms | 1 Formalms | 2022-07-17 | 6.5 MEDIUM | 8.8 HIGH |
Exploitable SQL injection vulnerability exists in the authenticated portion of Forma LMS 2.2.1. The /appLms/ajax.server.php URL and parameter filter_status was confirmed to suffer from SQL injections and could be exploited by authenticated attackers. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing exfiltration of the database, user credentials and, in certain configurations, access the underlying operating system. | |||||
CVE-2021-43136 | 1 Formalms | 1 Formalms | 2022-07-12 | 6.8 MEDIUM | 9.8 CRITICAL |
An authentication bypass issue in FormaLMS <= 2.4.4 allows an attacker to bypass the authentication mechanism and obtain a valid access to the platform. | |||||
CVE-2022-27104 | 1 Formalms | 1 Formalms | 2022-04-27 | 7.5 HIGH | 9.8 CRITICAL |
An Unauthenticated time-based blind SQL injection vulnerability exists in Forma LMS prior to v.1.4.3. | |||||
CVE-2020-26802 | 1 Formalms | 1 Formalms | 2020-10-15 | 6.8 MEDIUM | 8.8 HIGH |
forma.lms 2.3.0.2 is affected by Cross Site Request Forgery (CSRF) in formalms/appCore/index.php?r=lms/profile/show&ap=saveinfo via a GET request to change the admin email address in order to accomplish an account takeover. | |||||
CVE-2014-5257 | 1 Formalms | 1 Formalms | 2018-10-09 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Forma Lms before 1.2.1 p01 allow remote attackers to inject arbitrary web script or HTML via the (1) id_custom parameter in an amanmenu request or (2) id_game parameter in an alms/games/edit request to appCore/index.php. |