Openeclass Gunet Openeclass
5 CVEs affecting Openeclass Gunet Openeclass. Latest disclosed: 2026-02-03. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-37116 | High | 8.8 | 2026-02-03 | GUnet OpenEclass 1.7.3 includes phpMyAdmin 2.10.0.2 by default, which allows remote logins. Attackers with access to the platform can remotely access phpMyAdmi… |
CVE-2020-37113 | High | 8.8 | 2026-02-03 | GUnet OpenEclass 1.7.3 allows authenticated users to bypass file extension restrictions when uploading files. By renaming a PHP file to .php3 or .PhP, an attac… |
CVE-2020-37112 | High | 7.1 | 2026-02-03 | GUnet OpenEclass 1.7.3 contains multiple SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries through unvalidated pa… |
CVE-2020-37115 | Medium | 6.5 | 2026-02-03 | GUnet OpenEclass 1.7.3 stores user credentials in plaintext, allowing administrators to view all registered users' usernames and passwords without encryption… |
CVE-2020-37114 | Medium | 4.3 | 2026-02-03 | GUnet OpenEclass 1.7.3 allows unauthenticated and authenticated users to access sensitive information, including system information, application version, and o… |