Mahara before 1.3.6 allows remote authenticated users to bypass intended access restrictions and perform unauthorized actions via various requests associated with specific files, leading to incorrect privilege enforcement, missing user id check, and incorrect enforcement of the Overriding Start/Stop Dates setting
Reporter | Title | Published | Views | Family All 14 |
---|---|---|---|---|
![]() | CVE-2011-1402 | 13 May 201122:00 | – | cvelist |
![]() | Design/Logic Flaw | 13 May 201122:55 | – | prion |
![]() | CVE-2011-1402 | 13 May 201100:00 | – | ubuntucve |
![]() | CVE-2011-1402 | 13 May 201122:55 | – | cve |
![]() | [SECURITY] [DSA 2246-1] mahara security update | 29 May 201111:48 | – | debian |
![]() | [SECURITY] [DSA 2246-1] mahara security update | 29 May 201111:48 | – | debian |
![]() | Mahara Multiple Remote Vulnerabilities | 23 May 201100:00 | – | openvas |
![]() | Mahara Multiple Remote Vulnerabilities | 23 May 201100:00 | – | openvas |
![]() | Debian: Security Advisory (DSA-2246-1) | 3 Aug 201100:00 | – | openvas |
![]() | Debian Security Advisory DSA 2246-1 (mahara) | 3 Aug 201100:00 | – | openvas |
Source | Link |
---|---|
launchpad | www.launchpad.net/mahara/+bug/771644 |
launchpad | www.launchpad.net/mahara/+bug/771653 |
debian | www.debian.org/security/2011/dsa-2246 |
launchpad | www.launchpad.net/mahara/+bug/772140 |
secunia | www.secunia.com/advisories/44433 |
launchpad | www.launchpad.net/mahara/+bug/771614 |
launchpad | www.launchpad.net/mahara/+bug/746182 |
launchpad | www.launchpad.net/mahara/+bug/771637 |
securityfocus | www.securityfocus.com/bid/47798 |
launchpad | www.launchpad.net/mahara/+bug/771623 |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo