92 matches found
Moodle - Remote Command Execution (Metasploit)
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rexml/document' class Metasploit4 'Moodle Remote Command Execution', 'Description' = %q Moodle allows an authenticated user to define spellchec...
Moodle Remote Command Execution
Moodle allows an authenticated user to define spellcheck settings via the web interface. The user can update the spellcheck mechanism to point to a system-installed aspell binary. By updating the path for the spellchecker to an arbitrary command, an attacker can run arbitrary commands in the...
Moodle Remote Command Execution
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rexml/document' class Metasploit4 'Moodle Remote Command Execution', 'Description' = %q Moodle allows an authenticated user to define spellchec...
Fedora Core 9 FEDORA-2009-0814 (moodle)
The remote host is missing an update to moodle announced via advisory FEDORA-2009-0814. OpenVAS Vulnerability Test $Id: fcore20090814.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-0814 moodle Authors: Thomas Reinke Copyright: Copyright c 2009 E-So...
Fedora Core 9 FEDORA-2009-0814 (moodle)
The remote host is missing an update to moodle announced via advisory FEDORA-2009-0814. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Fedora Core 10 FEDORA-2009-0819 (moodle)
The remote host is missing an update to moodle announced via advisory FEDORA-2009-0819. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Fedora 9 : moodle-1.9.3-5.fc9 (2009-0814)
Fix for spellcheck security flaw, and some font correction. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
sPHPell 1.01 - Multiple Remote File Inclusions
sphpell - 1.01 Remote File Include --------------------------------------------------------------------------------- Bulan: Cyber-security // Cyber-security.org --------------------------------------------------------------------------------- script...
CVE-2007-2935
core/spellcheck/spellcheck.php in Fundanemt before 2.2.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the dict parameter...
CVE-2007-2935
CVE-2007-2935 affects Fundanemt prior to 2.2.0.1. The vulnerability is in core/spellcheck/spellcheck.php where the dict parameter can be tainted with shell metacharacters, allowing remote command execution. Root cause is unsanitized input reaching a shell/command path; impact is remote arbitrary ...
DEBIAN-CVE-2006-2878
The spellchecker spellcheck.php in DokuWiki 2006/06/04 and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" that is inserted into a regular expression that is processed by pregreplace with the /e executable modifier...
dokuwiki -- multiple vulnerabilities
Multiple vulnerabilities have been reported within dokuwiki. dokuwiki is proven vulnerable to: arbitrary PHP code insertion via spellcheck module, XSS attack via "Update your account profile," bypassing of ACL controls when enabled...