Lucene search
K

92 matches found

Exploit DB
Exploit DB
added 2013/10/31 12:0 a.m.75 views

Moodle - Remote Command Execution (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rexml/document' class Metasploit4 'Moodle Remote Command Execution', 'Description' = %q Moodle allows an authenticated user to define spellchec...

4.6CVSS7AI score0.42566EPSS
Exploits10
Metasploit
Metasploit
added 2013/10/30 3:25 p.m.21 views

Moodle Remote Command Execution

Moodle allows an authenticated user to define spellcheck settings via the web interface. The user can update the spellcheck mechanism to point to a system-installed aspell binary. By updating the path for the spellchecker to an arbitrary command, an attacker can run arbitrary commands in the...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2013/10/30 12:0 a.m.59 views

Moodle Remote Command Execution

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rexml/document' class Metasploit4 'Moodle Remote Command Execution', 'Description' = %q Moodle allows an authenticated user to define spellchec...

4.6CVSS0.42566EPSS
Exploits10
OpenVAS
OpenVAS
added 2009/01/26 12:0 a.m.26 views

Fedora Core 9 FEDORA-2009-0814 (moodle)

The remote host is missing an update to moodle announced via advisory FEDORA-2009-0814. OpenVAS Vulnerability Test $Id: fcore20090814.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-0814 moodle Authors: Thomas Reinke Copyright: Copyright c 2009 E-So...

10CVSS0.9AI score0.08985EPSS
Exploits5References1
OpenVAS
OpenVAS
added 2009/01/26 12:0 a.m.28 views

Fedora Core 9 FEDORA-2009-0814 (moodle)

The remote host is missing an update to moodle announced via advisory FEDORA-2009-0814. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

10CVSS8.9AI score0.08985EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2009/01/26 12:0 a.m.30 views

Fedora Core 10 FEDORA-2009-0819 (moodle)

The remote host is missing an update to moodle announced via advisory FEDORA-2009-0819. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

10CVSS8.9AI score0.08985EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2009/01/22 12:0 a.m.34 views

Fedora 9 : moodle-1.9.3-5.fc9 (2009-0814)

Fix for spellcheck security flaw, and some font correction. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

6.9CVSS5.3AI score0.0039EPSS
Exploits1References3
Exploit DB
Exploit DB
added 2007/06/30 12:0 a.m.23 views

sPHPell 1.01 - Multiple Remote File Inclusions

sphpell - 1.01 Remote File Include --------------------------------------------------------------------------------- Bulan: Cyber-security // Cyber-security.org --------------------------------------------------------------------------------- script...

7.4AI score
Exploits0
NVD
NVD
added 2007/05/31 12:30 a.m.13 views

CVE-2007-2935

core/spellcheck/spellcheck.php in Fundanemt before 2.2.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the dict parameter...

7.5CVSS7.7AI score0.09567EPSS
Exploits0References6
CVE
CVE
added 2007/05/31 12:0 a.m.39 views

CVE-2007-2935

CVE-2007-2935 affects Fundanemt prior to 2.2.0.1. The vulnerability is in core/spellcheck/spellcheck.php where the dict parameter can be tainted with shell metacharacters, allowing remote command execution. Root cause is unsanitized input reaching a shell/command path; impact is remote arbitrary ...

7.5CVSS7.7AI score0.09567EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2006/06/07 12:2 a.m.2 views

DEBIAN-CVE-2006-2878

The spellchecker spellcheck.php in DokuWiki 2006/06/04 and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" that is inserted into a regular expression that is processed by pregreplace with the /e executable modifier...

7.5CVSS7.4AI score0.14038EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2006/05/31 12:0 a.m.20 views

dokuwiki -- multiple vulnerabilities

Multiple vulnerabilities have been reported within dokuwiki. dokuwiki is proven vulnerable to: arbitrary PHP code insertion via spellcheck module, XSS attack via "Update your account profile," bypassing of ACL controls when enabled...

3AI score
Exploits0References3
Rows per page
Query Builder