Debian Security Advisory DSA 1030-1 (moodle)

The remote host is missing an update to moodle announced via advisory DSA 1030-1. Several vulnerabilities have been discovered in libphp-adodb, the 'adodb' database abstraction layer for PHP, which is embedded in moodle, a course management system for online learning. The Common Vulnerabilities a...

[SECURITY] Fedora 7 Update: moodle-1.8.4-1.fc7

Moodle is a course management system CMS - a free, Open Source software package designed using sound pedagogical principles, to help educators crea te effective online learning communities...

[SECURITY] Fedora 8 Update: moodle-1.8.4-1.fc8

Moodle is a course management system CMS - a free, Open Source software package designed using sound pedagogical principles, to help educators crea te effective online learning communities...

[HSC] Snitz Forums Multiple Vulnerabilities

HSC Snitz Forums Multiple Vulnerabilities Snitz Forums Default Database installation allows remote users to download the database which contains critical information. As a result, an attacker exploiting this vulnerability will be able to obtain detailed information. An attacker may leverage xss...

dokeos-xss.txt

HSC Dokeos Multiple Cross-Site Scripting Vulnerabilities Dokeos is a learning management systemused to manage e-learning. It's prone to cross-site scripting vulnerability. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the conte...

[HSC] Dokeos Multiple Cross-Site Scripting Vulnerabilities

HSC Dokeos Multiple Cross-Site Scripting Vulnerabilities Dokeos is a learning management system used to manage e-learning. It's prone to cross-site scripting vulnerability. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the...

CVE-2007-6338

SQL injection vulnerability in userlogin.jsp in Trivantis CourseMill Enterprise Learning Management System 4.1 SP4 allows remote attackers to execute arbitrary SQL commands via the user parameter username field. NOTE: some of these details are obtained from third party information...

CourseMill Enterprise Learning Management System 'userlogin.jsp' SQL注入漏洞

CourseMill Enterprise Learning Management System是一款基于JSP的WEB应用程序。 CourseMill Enterprise Learning Management System不正确过滤用户提交的URI数据，远程攻击者可以利用漏洞进行SQL注入攻击，可获得敏感信息或操作数据库。 问题是由于'userlogin.jsp'脚本对用户提交的用户名参数处理缺少充分过滤，提交恶意SQL查询作为参数数据，可更改原来的SQL逻辑，获得敏感信息或操作数据库。 Trivantis CourseMill Enterprise Learning...

JVN#79295963 NetCommons cross-site scripting vulnerability

NetCommons from the NetCommons Project is an open source content management system which provides e-learning and groupware functions. NetCommons contains a cross-site scripting vulnerability. This vulnerability is different from JVN51301450. Impact An attacker could execute an arbitrary script on...

ILIAS <= 3.8.3 Cross Site Scripting

====================================================================== ILIAS = 3.8.3 Cross Site Scripting ====================================================================== Author: L4teral l4teral 4t gmail com Impact: Cross Site Scripting Status: patch available ------------------------------...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in messaging/course/composeMessage.jsp in BlackBoard Learning System 6.3.1.593 and earlier in BlackBoard Academic Suite allow remote attackers to inject arbitrary web script or HTML via the 1 subjectt and 2 bodytext parameters. NOTE: vector 2...

CVE-2007-5227

Multiple cross-site scripting XSS vulnerabilities in messaging/course/composeMessage.jsp in BlackBoard Learning System 6.3.1.593 and earlier in BlackBoard Academic Suite allow remote attackers to inject arbitrary web script or HTML via the 1 subjectt and 2 bodytext parameters. NOTE: vector 2...

CVE-2007-5227

Multiple cross-site scripting XSS vulnerabilities in messaging/course/composeMessage.jsp in BlackBoard Learning System 6.3.1.593 and earlier in BlackBoard Academic Suite allow remote attackers to inject arbitrary web script or HTML via the 1 subjectt and 2 bodytext parameters. NOTE: vector 2...

CVE-2007-5227

Affected software: Blackboard Learning System 6.3.1.593 and earlier Blackboard Academic Suite. Vulnerability: cross-site scripting in messaging/course/composeMessage.jsp; exploitable via the subject_t and body_text parameters (vector 2 bypasses a client-side filter). Impact: allows remote attacke...

[SECURITY] Fedora 7 Update: moodle-1.8.2-1.fc7

Moodle is a course management system CMS - a free, Open Source software package designed using sound pedagogical principles, to help educators crea te effective online learning communities...

claroline-rfi.txt

claroline [email protected] Homepage: http://www.MoHaNdKo.cOm Exploit:Path/claroline/inc/lib/rootSys=Shell Greetz To: Tryag-Team & AsbMay's Group & Xp10 TeAm & CiTy GhOsTs TeAm Greetz To: mY Love Dr.hacker BiG seso...

claroline <= Multiple Remote File Include Vulnerablitiy

claroline = Multiple Remote File Include Vulnerablitiy D.Script: http://www.e-learningone.it/softwarefree/e-learning/claroline175.zip Discovered by: MoHaNdKo-=-=- [email protected] Homepage: http://www.MoHaNdKo.cOm Exploit:Path/claroline/inc/lib/rootSys=Shell Greetz To: Tryag-Team & AsbMay's Gro...

MOODLE <= 1.5.2 user password read out

--/ INTRODUCTION -- / Advisory : MOODLE = 1.5.2 user password read out Release Date : 17. March 2007 Application : Moodle.org is a course management system CMS : to help educators create effective online learning communities. Impact : read out user account passwords in md5 hash Googledork :...

Moodle <= 1.5.2 (moodledata) Remote Session Disclosure Vulnerability

Exploit for unknown platform in category web applications ==================================================================== Moodle 2KB SESSION|O:6:"object":12:s:12:"sessiontest...

OES (Open Educational System) 0.1beta Remote File Inclusion Vuln

No description provided by source. \ /\ / | \ | / // / | | \ \ Y / | / / \ /\| /\ / / / / / .OR.ID ECHOADV69$2007 ----------------------------------------------------------------------------------------- ECHOADV69$2007 OES Open Educational System 0.1beta Remote File Inclusion Vulnerability...