Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbMorpheus[bd]EDB-ID:24279
HistoryJul 13, 2004 - 12:00 a.m.

Moodle Help Script 1.x - Cross-Site Scripting

2004-07-1300:00:00
morpheus[bd]
www.exploit-db.com
12

AI Score

7.4

Confidence

Low

JSON
source: https://www.securityfocus.com/bid/10718/info

It is reported that Moodle is susceptible to a cross-site scripting vulnerability in the 'help.php' script. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamic web content.

This issue may allow for theft of cookie-based authentication credentials. Other attacks are also possible.

http://www.example.com/help.php?file={XSS}

Related

cvelist 1
nessus 1
cve 1
nvd 1
cvelist
cvelist
CVE-2004-0725
2004-07-23 04:00:00
nessus
nessus
Moodle < 1.3.3 'help.php' 'file' Parameter XSS
2004-07-26 00:00:00
cve
cve
CVE-2004-0725
2004-07-27 04:00:00
nvd
nvd
CVE-2004-0725
2004-07-27 04:00:00

AI Score

7.4

Confidence

Low

JSON
Related for EDB-ID:24279
cvelist1nessus1cve1nvd1