14 matches found
CVE-2025-61872
CVE-2025-61872 affects Mahara prior to 25.04.2 and 24.04.11. The issue occurs in the search site feature when using the Elasticsearch7 search plugin, where the Elasticsearch function does not properly sanitize input in the query parameter, potentially allowing a malicious search query to trigger ...
EUVD-2013-4306
Malware in sbrugna...
EUVD-2017-1425
Malware in sbrugna...
EUVD-2017-1439
Malware in sbrugna...
EUVD-2017-1421
Malware in sbrugna...
EUVD-2017-8618
Malware in sbrugna...
EUVD-2013-4308
Malware in sbrugna...
EUVD-2021-30209
Malicious code in bioql PyPI...
CVE-2024-47853
CVE-2024-47853 affects Mahara versions 23.04.8 and 24.04.4. The issue enables privilege escalation in certain cases during login when using Learning Tools Interoperability (LTI). CVSS 3.1 indicates high impact across confidentiality, integrity, and availability with network attack vector and low ...
PT-2025-34813 · Mahara · Mahara
Name of the Vulnerable Software and Affected Versions: Mahara versions 23.04.8 and 24.04.4. Description: An issue allows an attacker to download files without proper authorization by using a malicious export download URL. Recommendations: Update to a newer version that contains a fix for this issu...
CVE-2021-40848
In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, exported CSV files could contain characters that a spreadsheet program could interpret as a command, leading to execution of a malicious string locally on a device, aka CSV injection...
PT-2020-20627 · Catalyst It · Mahara
Name of the Vulnerable Software and Affected Versions: Mahara versions 18.10 through 18.10.4; Mahara versions 19.04 through 19.04.3; Mahara versions 19.10 through 19.10.1. Description: The issue concerns the disclosure of file metadata information to group members in the Elasticsearch result list,...
CVE-2017-1000143
Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 and 15.04 before 15.04.0 are vulnerable to users receiving watchlist notifications about pages they do not have access to anymore...
Mahara Cross Site Scripting and Cross Site Request Forgery Vulnerabilities
This host is running Mahara and is prone to cross site scripting and cross site request forgery vulnerabilities. OpenVAS Vulnerability Test $Id: secpodmaharaxssncsrfvuln.nasl 7029 2017-08-31 11:51:40Z teissa $ Mahara Cross Site Scripting and Cross Site Request Forgery Vulnerabilities Authors:...