CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0CVE-2022-42925 – Unrestricted Upload of File with Dangerous Type in Forma LMS
https://notcve.org/view.php?id=CVE-2022-42925
There is a vulnerability on Forma LMS version 3.1.0 and earlier that could allow an authenticated attacker (with the role of student) to privilege escalate in order to upload a Zip file through the plugin upload component. The exploitation of this vulnerability could lead to a remote code injection. Existe una vulnerabilidad en Forma LMS versión 3.1.0 y anteriores que podría permitir a un atacante autenticado (con el rol de estudiante) escalar privilegios para cargar un archivo Zip a través del componente de carga del complemento. La explotación de esta vulnerabilidad podría dar lugar a una inyección remota de código. • https://www.incibe-cert.es/en/early-warning/security-advisories/multiple-vulnerabilities-forma-lms • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-42923 – SQL injection in Forma LMS
https://notcve.org/view.php?id=CVE-2022-42923
Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL injection vulnerability. The exploitation of this vulnerability could allow an authenticated attacker (with the role of student) to perform a SQL injection on the 'id' parameter in the 'appCore/index.php?r=adm/mediagallery/delete' function in order to dump the entire database or delete all contents from the 'core_user_file' table. Forma LMS en su versión 3.1.0 y anteriores es vulnerable a una vulnerabilidad de inyección SQL. La explotación de esta vulnerabilidad podría permitir a un atacante autenticado (con el rol de estudiante) realizar una inyección SQL en el parámetro 'id' en la función 'appCore/index.php? • https://www.incibe-cert.es/en/early-warning/security-advisories/multiple-vulnerabilities-forma-lms • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-27104
https://notcve.org/view.php?id=CVE-2022-27104
An Unauthenticated time-based blind SQL injection vulnerability exists in Forma LMS prior to v.1.4.3. Se presenta una vulnerabilidad de inyección SQL ciega no autenticada basada en el tiempo en Forma LMS versiones anteriores a v.1.4.3 • https://www.formalms.org/download.html https://www.swascan.com/it/security-blog https://www.swascan.com/security-advisory-forma-lms • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 23%CPEs: 1EXPL: 3CVE-2021-43136 – FormaLMS 2.4.4 - Authentication Bypass
https://notcve.org/view.php?id=CVE-2021-43136
An authentication bypass issue in FormaLMS <= 2.4.4 allows an attacker to bypass the authentication mechanism and obtain a valid access to the platform. Un problema de omisión de autenticación en FormaLMS versiones anteriores a 2.4.4 incluyéndola, permite a un atacante omitir el mecanismo de autenticación y obtener un acceso válido a la plataforma FormaLMS versions 2.4.4 and below suffer from an authentication bypass vulnerability. • https://www.exploit-db.com/exploits/50513 http://packetstormsecurity.com/files/164930/FormaLMS-2.4.4-Authentication-Bypass.html https://blog.hacktivesecurity.com https://blog.hacktivesecurity.com/index.php/2021/10/05/cve-2021-43136-formalms-the-evil-default-value-that-leads-to-authentication-bypass https://formalms.org • CWE-798: Use of Hard-coded Credentials •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 3CVE-2014-5257 – Forma Lms 1.2.1 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2014-5257
Multiple cross-site scripting (XSS) vulnerabilities in Forma Lms before 1.2.1 p01 allow remote attackers to inject arbitrary web script or HTML via the (1) id_custom parameter in an amanmenu request or (2) id_game parameter in an alms/games/edit request to appCore/index.php. Múltiples vulnerabilidades de XSS en Forma Lms anterior a 1.2.1 p01 permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de el parámetro (1) id_custom en una solicitud amanmenu o (2) id_game en una solicitud alms/games/edit en appCore/index.php. Forma Lms version 1.2.1 suffers from a cross site scripting vulnerability. • http://packetstormsecurity.com/files/128978/Forma-Lms-1.2.1-Cross-Site-Scripting.html http://sourceforge.net/projects/forma/files/version%201.x/formalms-v1.2.1-p01.zip/download http://www.securityfocus.com/archive/1/533905/100/0/threaded http://www.securityfocus.com/bid/70914 https://www.htbridge.com/advisory/HTB23226 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •