Moodle - Cross-Site Scripting/Remote Code Execution

The vulnerability was found Moodle which exists because the application allows a user to control path of the older to create in TinyMCE loaders. A remote user can send a specially crafted HTTP request and create arbitrary folders on the system. Moodle versions 4.1.x before 4.1.3 and 4.2.x before...

CVE-2026-30943 Gokapi has Privilege Escalation in File Replace

Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to 2.2.4, An insufficient authorization check in the file replace API allows a user with only list visibility permission UserPermListOtherUploads to delete another user's file by abusing the...

EUVD-2025-30943

Malicious code in bioql PyPI...

EUVD-2022-30943

Malicious code in bioql PyPI...

CVE-2025-30943

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aakif Kadiwala Posts Slider Shortcode posts-slider-shortcode allows DOM-Based XSS.This issue affects Posts Slider Shortcode: from n/a through = 1.0...

WordPress Posts Slider Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Peter Thaleikis in WordPress Plugin Posts Slider Shortcode versions = 1.0...

CVE-2025-30943 WordPress Posts Slider Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aakif Kadiwala Posts Slider Shortcode posts-slider-shortcode allows DOM-Based XSS.This issue affects Posts Slider Shortcode: from n/a through = 1.0...

CVE-2021-30943

An issue in the handling of group membership was resolved with improved logic. This issue is fixed in iOS 15.2 and iPadOS 15.2, watchOS 8.3, macOS Monterey 12.1. A malicious user may be able to leave a messages group but continue to receive messages in that group...

Exploit for External Control of File Name or Path in Moodle

CVE-2023-30943Moodle self-xss Отказ от ответственности...

Exploit for External Control of File Name or Path in Moodle

CVE-2023-30943 Vulnerability Scanner This tool detects a vuln...

Fedora 37 : moodle (2023-60a90b6e6a)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-60a90b6e6a advisory. Fixes for CVE-2023-30943 and CVE-2023-30944. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

Fedora 36 : moodle (2023-49eb814ccc)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-49eb814ccc advisory. Fixes for CVE-2023-30943 and CVE-2023-30944. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

CVE-2023-30943

creationtimestamp| type| source ---|---|--- 2023-05-03 00:30:27+00:00| seen| https://t.me/cibsecurity/63177 2023-08-31 08:22:19+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/5049 2023-09-01 05:35:16+00:00| published-proof-of-concept| https://t.me/CNArsenal/980 2023-09-01...

CVE-2023-30943

The vulnerability was found Moodle which exists because the application allows a user to control path of the older to create in TinyMCE loaders. A remote user can send a specially crafted HTTP request and create arbitrary folders on the system...

CVE-2023-30943

CVE-2023-30943 (Moodle): Moodle 4.1.x before 4.1.3 and 4.2.x before 4.2.0 are vulnerable to unauthenticated arbitrary folder creation via TinyMCE loader path handling, which can be leveraged to perform Stored XSS and, when an admin visits the panel, arbitrary code execution on the server. Affecte...

CVE-2022-30943

The CVE-2022-30943 entry affects Cybozu Garoon, specifically versions 4.0.0 to 5.9.1. The vulnerability is a browsing restriction bypass in Bulletin, enabling a remote authenticated attacker to obtain Bulletin data due to improper access restrictions. Impact details from the sources describe data...

JVN#14077132: Multiple vulnerabilities in Cybozu Garoon

Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below. CyVDB-2909 Operation restriction bypass in multiple applications CWE-285 - CVE-2022-30602 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L| Base Score: 5.4 CVSS v2|...

CVE-2021-30943

An issue in the handling of group membership was resolved with improved logic. This issue is fixed in iOS 15.2 and iPadOS 15.2, watchOS 8.3, macOS Monterey 12.1. A malicious user may be able to leave a messages group but continue to receive messages in that group...

CVE-2021-30943

Apple CVE-2021-30943 concerns an issue in the Messages app where handling of group membership could allow a malicious user to leave a messages group while still receiving messages in that group. The root cause is described as a logic flaw in group membership handling, and Apple states a fix is im...

Unspecified Vulnerability in Oracle Sun Systems Products Suite Solaris (CNVD-2019-30943)

Oracle Sun Systems Products Suite is a suite of Sun systems products from Oracle Corporation, of which Solaris is one of the computer operating system components. A security vulnerability exists in the Kernel subcomponent of the Solaris component of Oracle Sun Systems Products Suite, version 11.3...