Mandrake Security Advisory MDVSA-2009:265 (egroupware)

The remote host is missing an update to egroupware announced via advisory MDVSA-2009:265. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

Debian: Security Advisory (DSA-1871-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-1871-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 7.10 / 8.04 LTS : moodle vulnerability (USN-658-1)

Lukasz Pilorz discovered that the HTML filtering used in Moodle was not strict enough. A remote attacker could send malicious requests to Moodle and execute arbitrary code as the web server user. Note that Tenable Network Security has extracted the preceding description block directly from the...

Ubuntu Update for moodle vulnerability USN-658-1

Ubuntu Update for Linux kernel vulnerabilities USN-658-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN6581.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for moodle vulnerability USN-658-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Debian Security Advisory DSA 1691-1 (moodle)

The remote host is missing an update to moodle announced via advisory DSA 1691-1. OpenVAS Vulnerability Test $Id: deb16911.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1691-1 moodle Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

[SECURITY] [DSA 1691-1] New moodle packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1691-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst December 22, 2008 http://www.debian.org/security/faq -...

Gentoo Security Advisory GLSA 200805-04 (egroupware)

The remote host is missing updates announced in advisory GLSA 200805-04. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200805-04 (egroupware)

The remote host is missing updates announced in advisory GLSA 200805-04. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE 10 Security Update : moodle (moodle-5439)

An incorrect input validation in moodle could be exploited by attackers to conduct cross site scripting attacks CVE-2008-1502. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update moodle-5439. The...

[ GLSA 200805-04 ] eGroupWare: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200805-04 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - -...

DSquare Exploit Pack: D2SEC_MOODLE_REXEC

Name| d2secmoodlerexec ---|--- CVE| CVE-2008-1502 Exploit Pack| D2ExploitPack Description| d2secmoodlerexec Notes|...

CVE-2008-1502

The badprotocolonce function in phpgwapi/inc/class.kses.inc.php in KSES, as used in eGroupWare before 1.4.003, Moodle before 1.8.5, and other products, allows remote attackers to bypass HTML filtering and conduct cross-site scripting XSS attacks via a string containing crafted URL protocols...

CVE-2008-1502

The CVE-2008-1502 issue concerns the _bad_protocol_once function in KSES (phpgwapi/inc/class.kses.inc.php). In affected products (notably Moodle < 1.8.5 and eGroupWare