EUVD-2013-1847

Malware in sbrugna...

EUVD-2012-5975

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2021-36400

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Moodle, insufficient capability checks made it possible to remove other users' calendar URL subscriptions. CVE-2021-36400 Note that Nessus relies on the...

CVE-2013-1829

calendar/managesubscriptions.php in Moodle 2.4.x before 2.4.2 does not consider capability requirements before displaying calendar subscriptions, which allows remote authenticated users to obtain potentially sensitive information by leveraging the student role...

CVE-2012-6106

calendar/managesubscriptions.php in the Manage Subscriptions implementation in Moodle 2.4.x before 2.4.1 omits a capability check, which allows remote authenticated users to remove course-level calendar subscriptions by leveraging the student role and sending an iCalendar object...

BIT-MOODLE-2021-36400

In Moodle, insufficient capability checks made it possible to remove other users' calendar URL subscriptions...

Moodle has Incorrect Default Permissions

In Moodle, insufficient capability checks made it possible to remove other users' calendar URL subscriptions...

CVE-2021-36400

In Moodle, insufficient capability checks made it possible to remove other users' calendar URL subscriptions...

UBUNTU-CVE-2021-36400

In Moodle, insufficient capability checks made it possible to remove other users' calendar URL subscriptions...

CVE-2021-36400

In Moodle, insufficient capability checks made it possible to remove other users' calendar URL subscriptions...

CVE-2021-36400

In Moodle, insufficient capability checks made it possible to remove other users' calendar URL subscriptions...

Nextcloud Server < 15.0.14, 16.x < 16.0.7, 17.x < 17.0.2 SSRF Vulnerability (NC-SA-2020-014)

Nextcloud Server is prone to a server-side request forgery SSRF protection bypass vulnerability in calendar subscriptions. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Authorization Bypass

Moodle is vulnerable to authorization bypass. The calendar/managesubscriptions.php does not enforce the correct permissions on users, allowing a malicious user with access to a student account to edit the calendar subscriptions...

Moodle 2.4.x < 2.4.1 Multiple Vulnerabilities

Binary data 9414.prm...

Code injection

calendar/managesubscriptions.php in Moodle 2.4.x before 2.4.2 does not consider capability requirements before displaying calendar subscriptions, which allows remote authenticated users to obtain potentially sensitive information by leveraging the student role...