Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2013-5674
HistorySep 16, 2013 - 10:00 a.m.

CVE-2013-5674

2013-09-1610:00:00
mitre
www.cve.org
10
moodle 2.5.x
object injection
remote attackers
php
userid parameter

AI Score

6.9

Confidence

Low

EPSS

0.003

Percentile

68.1%

JSON

badges/external.php in Moodle 2.5.x before 2.5.2 does not properly handle an object obtained by unserializing a description of an external badge, which allows remote attackers to conduct PHP object injection attacks via unspecified vectors, as demonstrated by overwriting the value of the userid parameter.

Related

nessus 2
packetstorm 1
nvd 1
prion 1
veracode 1
zdt 1
cve 1
ubuntucve 1
securityvulns 1
nessus
nessus
Moodle 'external.php' 'badge' Parameter XSS
2013-09-20 00:00:00
Moodle 2.3.x < 2.3.9 / 2.4.x < 2.4.6 / 2.5.x < 2.5.2 Multiple Vulnerabilities
2016-07-21 00:00:00
packetstorm
packetstorm
Moodle CMS 2.5.0-1 Cross Site Scripting
2013-09-16 00:00:00
nvd
nvd
CVE-2013-5674
2013-09-16 13:02:48
prion
prion
Design/Logic Flaw
2013-09-16 13:02:00
veracode
veracode
Remote Code Execution (RCE) Through Deserialization
2017-07-07 10:32:10
zdt
zdt
Moodle CMS 2.5.0-1 Cross Site Scripting Vulnerability
2013-09-17 00:00:00
cve
cve
CVE-2013-5674
2013-09-16 13:02:48
ubuntucve
ubuntucve
CVE-2013-5674
2013-09-16 00:00:00
securityvulns
securityvulns
Moodle 2.5.0-1 &#40;badges/external.php&#41; PHP Object Injection Vulnerability
2013-10-03 00:00:00

AI Score

6.9

Confidence

Low

EPSS

0.003

Percentile

68.1%

JSON
Related for CVELIST:CVE-2013-5674
nessus2packetstorm1nvd1prion1veracode1zdt1cve1ubuntucve1securityvulns1