Lucene search
K

26 matches found

Cvelist
Cvelist
added 2018/09/17 8:0 p.m.23 views

CVE-2018-14631

moodle before versions 3.5.2, 3.4.5, 3.3.8 is vulnerable to a boost theme - blog search GET parameter insufficiently filtered. The breadcrumb navigation provided by Boost theme when displaying search results of a blog were insufficiently filtered, which could result in reflected XSS if a user...

8.8CVSS8.4AI score0.01803EPSS
Exploits0References4
CVE
CVE
added 2018/09/17 8:0 p.m.60 views

CVE-2018-14631

CVE-2018-14631 affects Moodle before versions 3.5.2, 3.4.5, and 3.3.8. The vulnerability arises in the Boost theme’s blog search: the GET parameter used for search is not sufficiently filtered, and the breadcrumb navigation rendered for search results can be exploited to perform a reflected Cross...

8.8CVSS6AI score0.01803EPSS
Exploits0References4Affected Software1
FreeBSD
FreeBSD
added 2018/09/05 12:0 a.m.515 views

moodle -- multiple vulnerabilities

moodle reports: Moodle XML import of ddwtos could lead to intentional remote code execution QuickForm library remote code vulnerability upstream Boost theme - blog search GET parameter insufficiently filtered...

9.8CVSS2.7AI score0.04425EPSS
Exploits3References1
Tenable Nessus
Tenable Nessus
added 2017/03/20 12:0 a.m.109 views

FreeBSD : moodle -- multiple vulnerabilities (f72d98d1-0b7e-11e7-970f-002590263bf5)

Marina Glancy reports : - MSA-17-0001: System file inclusion when adding own preset file in Boost theme - MSA-17-0002: Incorrect sanitation of attributes in forums - MSA-17-0003: PHPMailer vulnerability in no-reply address - MSA-17-0004: XSS in assignment submission page %NASLMINLEVEL 70300 C...

9.8CVSS6.7AI score0.98038EPSS
Exploits19References5
Tenable Nessus
Tenable Nessus
added 2017/01/27 12:0 a.m.16 views

Moodle 3.0.x < 3.0.8 Multiple Vulnerabilities

Binary data 9922.prm...

6.1CVSS7.3AI score0.01015EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2017/01/17 12:0 a.m.72 views

moodle -- multiple vulnerabilities

Marina Glancy reports: MSA-17-0001: System file inclusion when adding own preset file in Boost theme MSA-17-0002: Incorrect sanitation of attributes in forums MSA-17-0003: PHPMailer vulnerability in no-reply address MSA-17-0004: XSS in assignment submission page...

5.3CVSS7.4AI score0.01015EPSS
Exploits0References1
Rows per page
Query Builder