11 matches found
CVE-2008-0123
Cross-site scripting XSS vulnerability in install.php for Moodle 1.8.3, and possibly other versions before 1.8.4, allows remote attackers to inject arbitrary web script or HTML via the dbname parameter. NOTE: this issue only exists until the installation is complete...
Fedora Update for moodle FEDORA-2008-0610
Check for the Version of moodle OpenVAS Vulnerability Test Fedora Update for moodle FEDORA-2008-0610 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...
Fedora Update for moodle FEDORA-2008-0627
Check for the Version of moodle OpenVAS Vulnerability Test Fedora Update for moodle FEDORA-2008-0627 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...
Fedora Update for moodle FEDORA-2008-0627
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
openSUSE 10 Security Update : moodle (moodle-4964)
The install script of moodle is vulnerable to cross site scripting XSS. This flaw is only exploitable if moodle isn't fully installed yet. Therefore it's unlikely to be much of a problem in practice. To actually exploit it an attacker would have to know about a person that is just about to instal...
Fedora 7 : moodle-1.8.4-1.fc7 (2008-0627)
Upgrade to 1.8.4, fix CVE-2008-0123. Added Tamil Sri Lanka support. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Fedora 8 : moodle-1.8.4-1.fc8 (2008-0610)
Upgrade to 1.8.4, fix CVE-2008-0123. Added Tamil Sri Lanka support. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
CVE-2008-0123
CVE-2008-0123 is an XSS vulnerability in Moodle 1.8.3 (and possibly earlier than 1.8.4) where the dbname parameter during installation can be exploited to inject arbitrary scripts/HTML. Exploitation details are not provided in the sources; no explicit patch/version fix is detailed. Fedora/OpenVAS...
CVE-2008-0123
Cross-site scripting XSS vulnerability in install.php for Moodle 1.8.3, and possibly other versions before 1.8.4, allows remote attackers to inject arbitrary web script or HTML via the dbname parameter. NOTE: this issue only exists until the installation is complete...
moodleinstall-xss.txt
Source URL of this announcement: http://int21.de/cve/CVE-2008-0123-moodle.html References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0123 Description Moodle is a course management system for educators. The installer code is vulnerable to Cross Site Scripting, letting you inject...
[Full-disclosure] Cross site scripting (XSS) in Moodle 1.8.3
Source URL of this announcement: http://int21.de/cve/CVE-2008-0123-moodle.html References https://vulners.com/cve/CVE-2008-0123 Description Moodle is a course management system for educators. The installer code is vulnerable to Cross Site Scripting, letting you inject JavaScript and steal cookies...