CVE-2026-8240 Concrete CMS 9.5.0 and below is vulnerable to unauthenticated page metadata disclosure in Backend\SummaryTemplate

Concrete CMS 9.5.0 and below is vulnerable to unauthenticated page metadata disclosure across every page with a configured summary template, revealing the existence of private, draft, and restricted pages while leaking title, path, description, and author information. The Concrete CMS security te...

Concrete CMS 访问控制错误漏洞

Concrete CMS is an open-source content management system developed by Concrete CMS. Versions of Concrete CMS 9.5.0 and earlier contained a access control vulnerability caused by unvalidated page metadata exposure. This vulnerability could lead to the disclosure of titles, paths, descriptions, and...

EUVD-2022-3794

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-30598

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in moodle where global search results could include author information on some activities where a user may not otherwise have access to it...

Craft CMS Twig Template Injection RCE via FTP Templates Path

This module exploits a Twig template injection vulnerability in Craft CMS by abusing the --templatesPath argument. The vulnerability allows arbitrary template loading via FTP, leading to Remote Code Execution RCE. Module Options msf use exploit/linux/http/craftcmsftptemplate msf...

BIT-MOODLE-2022-30598

A flaw was found in moodle where global search results could include author information on some activities where a user may not otherwise have access to it...

GHSA-FJ6P-G234-RRV3 Exposure of Sensitive Information in moodle

A flaw was found in moodle where global search results could include author information on some activities where a user may not otherwise have access to it...

Exposure of Sensitive Information in moodle

A flaw was found in moodle where global search results could include author information on some activities where a user may not otherwise have access to it...

CVE-2022-30598

A flaw was found in moodle where global search results could include author information on some activities where a user may not otherwise have access to it...

CVE-2022-30598

A flaw was found in moodle where global search results could include author information on some activities where a user may not otherwise have access to it...

CVE-2022-30598

A flaw was found in moodle where global search results could include author information on some activities where a user may not otherwise have access to it...

CVE-2022-30598

A flaw was found in moodle where global search results could include author information on some activities where a user may not otherwise have access to it...

Design/Logic Flaw

A flaw was found in moodle where global search results could include author information on some activities where a user may not otherwise have access to it...

UBUNTU-CVE-2022-30598

A flaw was found in moodle where global search results could include author information on some activities where a user may not otherwise have access to it...

CVE-2022-30598

CVE-2022-30598 concerns Moodle where the global search results could disclose author information for certain activities to users who should not have access. The connected documents reiterate an information-disclosure flaw in Moodle’s global search results, but do not provide explicit root-cause d...

CVE-2022-30598

A flaw was found in moodle where global search results could include author information on some activities where a user may not otherwise have access to it...

Moodle 信息泄露漏洞

Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. Moodle suffers from an information disclosure vulnerability that stems from the fact that global search results may contain author...

PT-2022-2727 · Moodle +2 · Moodle +2

Name of the Vulnerable Software and Affected Versions: Moodle affected versions not specified Description: A flaw was found in Moodle where global search results could include author information on some activities where a user may not otherwise have access to it. The vulnerability is related to...

Testimonial Rotator < 3.0.3 - Authenticated Stored Cross-Site Scripting (XSS)

A Stored XSS vulnerability has been found in the 'Author Information' textarea in testimonials from the plugin, which could allow an authenticated medium-privileged user contributor+ to inject arbitrary JavaScript. The XSS will be triggered for anyone visiting public posts or testimonial page...

ProConf Information Disclosure Vulnerability

ProConf is a conference management system. An information disclosure vulnerability exists in ProConf versions prior to 6.1. An attacker can exploit the vulnerability by changing the value of the Paper ID to view or gain access to submitted reports titles and abstracts and authors' personal...