Wisdomgarden

wisdomgarden

3 CVEs • 2 products

Products (2)

Click to collapse

Toggle

Tronclass Ilearn

tronclass_ilearn

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-6738 1Wisdomgarden 1Tronclass Nov 21, 2024 Jul 15, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 The tumbnail API of Tronclass from WisdomGarden lacks proper access control, allowing unauthenticated remote attackers to obtain certain specific files by modifying the URL.
CVE-2023-41356 1Wisdomgarden 1Tronclass Ilearn Nov 21, 2024 Nov 3, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 NCSIST ManageEngine Mobile Device Manager(MDM) APP's special function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and read arbitrary syst...Show more NCSIST ManageEngine Mobile Device Manager(MDM) APP's special function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and read arbitrary system files.Show less
CVE-2023-24834 1Wisdomgarden 1Tronclass Ilearn Nov 21, 2024 Mar 27, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 WisdomGarden Tronclass has improper access control when uploading file. An authenticated remote attacker with general user privilege can exploit this vulnerability to access files belonging to other users by modifying th...Show more WisdomGarden Tronclass has improper access control when uploading file. An authenticated remote attacker with general user privilege can exploit this vulnerability to access files belonging to other users by modifying the file ID within URL.Show less