[SECURITY] Fedora 20 Update: moodle-2.5.9-1.fc20
Moodle is a course management system (CMS) - a free, Open Source software package designed using sound pedagogical principles, to help educators create effective online learning communities...
[SECURITY] Fedora 20 Update: klettres-4.14.1-1.fc20
KLettres aims to help to learn the alphabet and then to read some syllables in different languages. It is meant to help learning the very first sounds of a new language, for children or for adults...
[SECURITY] Fedora 21 Update: moodle-2.7.2-1.fc21
Moodle is a course management system (CMS) - a free, Open Source software package designed using sound pedagogical principles, to help educators create effective online learning communities...
Information disclosure
The Kids Preschool Learning Games aka air.com.tribalnova.ilearnwith.ipad.App3En application 1.3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-5553
The CVE-2014-5553 entry corresponds to The Kids Preschool Learning Games Android app (1.3.2, alias air.com.tribalnova.ilearnwith.ipad.App3En) failing to verify X.509 certificates from SSL servers. This improper TLS/certificate validation enables potential man-in-the-middle attackers to spoof leg...
CVE-2014-5553
The Kids Preschool Learning Games aka air.com.tribalnova.ilearnwith.ipad.App3En application 1.3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Looking Ahead to MIRcon 2014
As targeted cyber attacks become increasingly prevalent, today's cybersecurity professionals are being tested like never before. The upcoming Mandiant Incident Response Conference MIRcon® - October 7 & 8, 2014 - offers attendees the chance to hear insights from some of the most respected and...
[SECURITY] Fedora 20 Update: moodle-2.5.7-1.fc20
Moodle is a course management system (CMS) - a free, Open Source software package designed using sound pedagogical principles, to help educators create effective online learning communities...
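Improper design in a Yonyou general-purpose learning management system leads to user information disclosure (can be done in bulk)
Brief description: An expert has already had a laugh at this one; as for who, guess for yourself. Details: WooYun: A general-purpose online learning management system has arbitrary file upload and arbitrary file download vulnerabilities, WooYun: A general-purpose online learning management system has an arbitrary file upload vulnerability (another odd technique). This is Yonyou's e-Learning, which wefgod has submitted before; here I excerpt the weak passwords he provided earlier: First you need a low-privilege account to log in (there is no CAPTCHA anyway, so pick a simple password and brute-force straight through the account numbers without any problem). Here are a few with default or simple passwords: http://58.214.233.113:8800/lmsv5/ 00041013/123456 00041014/123456...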
CVE-2014-2456
Unspecified vulnerability in the PeopleSoft Enterprise ELS Enterprise Learning Management component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors...
Design/Logic Flaw
Unspecified vulnerability in the PeopleSoft Enterprise ELS Enterprise Learning Management component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors...
CVE-2014-2456
Technical details for CVE-2014-2456 are not publicly provided in the connected documents. Monitoring for updates is recommended; no concrete vulnerable component, impact, or remediation is described in the supplied materials.
Pre E-Learning Portal 'search_result.asp' SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/38582/info Pre E-Learning Portal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
Dokeos E-Learning System 1.8.5 - Local File Inclusion Vulnerability
No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-08-029 Application: Dokeos E-Learning System Versions Affected: 1.8.5 Vendor URL: http://dokeos.com/ Bug: Local File Include Exploits: YES Reported: 01.07.2008 Vendor response: 05.07.2008 Solution: YES Date ...
ILIAS <= 3.7.4 (ref_id) Blind SQL Injection Vulnerability
No description provided by source. ILIAS Learning Management <= 3.7.4 - SQL Injection Vulnerability Vulnerability discovered by: LidlosesAuge Greetz to: -=Player=- , Suicide, g4ms3, enco, Palme, GPM, karamble, Free-Hack Date: 24.12.2008 Developer: http://www.ilias.de Dork 1: powered by ILIAS Dork ...
Claroline 1.5/1.6 user_access_details.php data Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/13407/info Multiple remote input validation vulnerabilities affect Claroline e-Learning Application. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry...
Schoolhos CMS Beta 2.29 (index.php, id parameter) SQL Injection
No description provided by source. Exploit Title: Schoolhos CMS SQL Injections Google Dork: intext:Schoolhos Free Open Source CMS Date: 22 October 2012 Exploit Author: Cumi++ Vendor Homepage: http://schoolhos.com/ Version: Beta 2.29 Tested on: Ubuntu 12.04...
Docebo LMS <= 4.0.4 - (messages) Remote Code Execution
No description provided by source. ?php / Docebo LMS <= v4.0.4 messages remote code execution exploit vendor: http://www.docebo.com/ software link: http://www.docebo.com/community/doceboCms/ author: mrme::rwx kru email: steventhomasseeley!gmail!com We must become the change we want to see in the...
Ingenium Learning Management System 5.1/6.1 Reversible Password Hash Weakness
No description provided by source. source: http://www.securityfocus.com/bid/5970/info Ingenium Learning Management System uses a weak algorithm to hash user and administrative credentials. Passwords may be trivially obtained by reversing the password hash. An attacker must be able to gain...
Moodle 1.9.3 - Remote Code Execution Vulnerability
No description provided by source. Moodle 1.9.3 Remote Code Execution Name Remote Code Execution in Moodle Systems Affected Moodle 1.9.3 and possibly earlier versions Severity High Impact CVSSv2 High 7.3/10, vector: AV:N/AC:L/Au:M/C:P/I:P/A:C Vendor http://moodle.org/ Advisory...