Lucene search
K

54 matches found

Cvelist
Cvelist
added 2018/09/17 8:0 p.m.23 views

CVE-2018-14631

moodle before versions 3.5.2, 3.4.5, 3.3.8 is vulnerable to a boost theme - blog search GET parameter insufficiently filtered. The breadcrumb navigation provided by Boost theme when displaying search results of a blog were insufficiently filtered, which could result in reflected XSS if a user...

8.8CVSS8.4AI score0.01803EPSS
Exploits0References4
CVE
CVE
added 2018/09/17 8:0 p.m.60 views

CVE-2018-14631

CVE-2018-14631 affects Moodle before versions 3.5.2, 3.4.5, and 3.3.8. The vulnerability arises in the Boost theme’s blog search: the GET parameter used for search is not sufficiently filtered, and the breadcrumb navigation rendered for search results can be exploited to perform a reflected Cross...

8.8CVSS6AI score0.01803EPSS
Exploits0References4Affected Software1
Openbugbounty
Openbugbounty
added 2018/09/17 11:46 a.m.10 views

nagaokakoumuten.com XSS vulnerability

Open Bug Bounty ID: OBB-677277 Description| Value ---|--- Affected Website:| nagaokakoumuten.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
FreeBSD
FreeBSD
added 2018/09/05 12:0 a.m.515 views

moodle -- multiple vulnerabilities

moodle reports: Moodle XML import of ddwtos could lead to intentional remote code execution QuickForm library remote code vulnerability upstream Boost theme - blog search GET parameter insufficiently filtered...

9.8CVSS2.7AI score0.04425EPSS
Exploits3References1
Openbugbounty
Openbugbounty
added 2018/09/03 2:3 p.m.29 views

yasarkizilkum.com.tr XSS vulnerability

Open Bug Bounty ID: OBB-672518 Description| Value ---|--- Affected Website:| yasarkizilkum.com.tr Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Veracode
Veracode
added 2017/05/24 10:17 a.m.18 views

Unauthorized Blog Search

Moodle is vulnerable to unauthorized blog searches. There is a missing capability check that allows users to search blogs without permission...

5.3CVSS6.5AI score0.01046EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2017/05/15 2:29 p.m.3 views

UBUNTU-CVE-2017-7490

In Moodle 2.x and 3.x, searching of arbitrary blogs is possible because a capability check is missing...

5.3CVSS6.3AI score0.01046EPSS
Exploits0References3
CVE
CVE
added 2017/05/15 2:0 p.m.65 views

CVE-2017-7490

CVE-2017-7490 affects Moodle 2.x and 3.x. The vulnerability arises from a missing capability check that enables searching of arbitrary blogs, exposing potential information that should be restricted. The provided documents describe the flaw as a capability check omission but do not supply additio...

5.3CVSS5.6AI score0.01046EPSS
Exploits0References1Affected Software1
Openbugbounty
Openbugbounty
added 2017/02/01 9:57 a.m.14 views

oknation.nationtv.tv XSS vulnerability

Vulnerable URL: http://oknation.nationtv.tv/blog/searchblogindex.php?keyword=tsetprompt/OPENBUGBOUNTY/...

6.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/01/30 8:36 a.m.19 views

domo.com XSS vulnerability

Vulnerable URL: https://www.domo.com/blog/?s=alert/OPENBUGBOUNTY/...

6.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/10/26 2:0 p.m.10 views

kkpp.blox.pl XSS vulnerability

Vulnerable URL: http://kkpp.blox.pl?page=blogPublicSearch= blogPublicSearch'A Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Check...

6.3AI score
Exploits0
CNVD
CNVD
added 2016/01/21 12:0 a.m.4 views

Cross-Site Scripting Vulnerability in DotCMS Blog Search Page

DotCMS is a content management system CMS from the American company DotCMS. The system supports RSS feeds , blogs , forums and other modules , and is easy to extend and build features . A cross-site scripting vulnerability exists in DotCMS version 3.3, which originates from the blogs/ page in the...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2015/10/31 9:3 p.m.13 views

doomby.com XSS vulnerability

Vulnerable URL: http://www.doomby.com/blog/do/search?q=%3C/title%3E%3Cimg%20src=x%20onerror=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 21.11.2015 Latest check for patch:| 21.11.2015 22:00 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...

6.3AI score
Exploits0
Fedora
Fedora
added 2009/10/14 1:52 a.m.20 views

[SECURITY] Fedora 11 Update: drupal-service_links-6.x.1.0-5.fc11

The service links module enables admins to add links to a number of social bookmarking sites, blog search sites etc. Includes sites are del.icio.us, Digg, Reddit, ma.gnolia.com, Newsvine, Furl, Google, Yahoo, Technorati and IceRocket...

3.5CVSS2.5AI score0.01362EPSS
Exploits1
Rows per page
Query Builder