Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
19034.1%CRITICAL

Related CVEs

9
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2025-46204An issue in Unifiedtransform v2.0 allows a remote attacker to escalate privileges via the /course/edit/{id} endpoint.MEDIUM6.526.4%Jun 4, 2025
CVE-2025-46203An issue in Unifiedtransform v2.0 allows a remote attacker to escalate privileges via the /students/edit/{id} endpoint.MEDIUM6.523.8%Jun 4, 2025
CVE-2025-25621Unifiedtransform 2.0 is vulnerable to Incorrect Access Control, which allows teachers to take attendance of fellow teachers. This affected endpoint is /courses/teacher/index?teacher_id=2&semester_id=1.MEDIUM4.328.1%Mar 17, 2025
CVE-2025-25618Incorrect Access Control in Unifiedtransform 2.0 leads to Privilege Escalation allowing the change of Section Name and Room Number by Teachers.LOW3.334.4%Mar 17, 2025
CVE-2025-25620Unifiedtransform 2.0 is vulnerable to Cross Site Scripting (XSS) in the Create assignment function.MEDIUM5.440.0%Mar 10, 2025
CVE-2025-25614Incorrect Access Control in Unifiedtransform 2.0 leads to Privilege Escalation, which allows teachers to update the personal data of fellow teachers.HIGH8.848.3%Mar 10, 2025
CVE-2025-25616Unifiedtransform 2.0 is vulnerable to Incorrect Access Control, which allows students to modify rules for exams. The affected endpoint is /exams/edit-rule?exam_rule_id=1.MEDIUM4.330.9%Mar 10, 2025
CVE-2025-25615Unifiedtransform 2.0 is vulnerable to Incorrect Access Control which allows viewing attendance list for all class sections.LOW2.736.2%Mar 10, 2025
CVE-2024-53573Unifiedtransform v2.X is vulnerable to Incorrect Access Control. Unauthorized users can access and manipulate endpoints intended exclusively for administrative use. This issue specifically affects teacher/edit/{id}.CRITICAL9.839.1%Feb 26, 2025