7 matches found
The vulnerability in the virtual learning environment Moodle, related to insufficient cleaning of user data, allows a hacker to execute arbitrary SQL commands.
The vulnerability in the virtual training environment Moodle is related to insufficient cleaning of user data on the “browse list of users” page of the administration site. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands by sending a specially created quer...
CVE-2022-40315
A limited SQL injection risk was identified in the "browse list of users" site administration page...
UBUNTU-CVE-2022-40315
A limited SQL injection risk was identified in the "browse list of users" site administration page...
Information disclosure
Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers without the "Browse Users" permission to view groups via an Information Disclosure vulnerability in the browsegroups.action endpoint. The affected versions are before version 4.22.2...
CVE-2022-36800
Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers without the "Browse Users" permission to view groups via an Information Disclosure vulnerability in the browsegroups.action endpoint. The affected versions are before version 4.22.2...
CVE-2022-36800
Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers without the "Browse Users" permission to view groups via an Information Disclosure vulnerability in the browsegroups.action endpoint. The affected versions are before version 4.22.2...
PT-2022-5110 · Moodle +2 · Moodle +2
Name of the Vulnerable Software and Affected Versions: Moodle versions affected versions not specified Description: A limited SQL injection risk was identified in the "browse list of users" site administration page. The vulnerability is related to insufficient cleaning of user data on this page...