10 matches found
EUVD-2024-3324
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-43431
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Moodle. Insufficient capability checks made it possible to delete badges that a user does not have permission to access...
BIT-MOODLE-2024-43431 Moodle: idor in badges allows deletion of arbitrary badges
A vulnerability was found in Moodle. Insufficient capability checks made it possible to delete badges that a user does not have permission to access...
Moodle < 4.1.12 Multiple Vulnerabilities
According to its self-reported version, the Moodle install hosted on the remote host is 4.1.x prior to 4.1.12, 4.2.x prior to 4.2.9, 4.3.x prior to 4.3.6, or 4.4.x prior to 4.4.2. It is, therefore, affected by multiple vulnerabilities. - A LFI vulnerability when restoring malformed block backups....
Authorization Bypass
moodle/moodle is vulnerable to Authorization Bypass. The vulnerability is due to insufficient capability checks, which allowed users to delete badges they did not have permission to access...
CVE-2024-43431
A vulnerability was found in Moodle. Insufficient capability checks made it possible to delete badges that a user does not have permission to access...
UBUNTU-CVE-2024-43431
A vulnerability was found in Moodle. Insufficient capability checks made it possible to delete badges that a user does not have permission to access...
Access Control Bypass
Overview moodle/moodle is a learning platform. Affected versions of this package are vulnerable to Access Control Bypass due to insufficient capability checks. An attacker can delete badges they are not authorized to access by exploiting these checks. Remediation Upgrade moodle/moodle to version...
Moodle 安全漏洞
Moodle is a free e-learning software platform open-sourced by Moodle, also known as a course management system, learning management system, or virtual learning environment. A security vulnerability exists in Moodle that stems from an insufficient function check that allows for the deletion of...
CVE-2022-0335
A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The "delete badge alignment" functionality did not include the necessary token check to prevent a CSRF risk...