5 matches found
Moodle 2.5.0-1 (badges/external.php) PHP Object Injection Vulnerability
============================================= - Original release date: 15 September, 2013 - Discovered by: Emilio Pinna Application Security Analyst at Abinsula - Contact: emilio pinn gmail ============================================= VULNERABILITY ---------------------- Moodle CMS version 2.5.0...
Moodle CMS 2.5.0-1 Cross Site Scripting Vulnerability
Moodle CMS version 2.5.0-1 suffers from a cross site scripting vulnerability. ============================================= - Original release date: 15 September, 2013 - Discovered by: Emilio Pinna Application Security Analyst at Abinsula - Contact: emilio pinn gmail...
CVE-2013-5674
badges/external.php in Moodle 2.5.x before 2.5.2 does not properly handle an object obtained by unserializing a description of an external badge, which allows remote attackers to conduct PHP object injection attacks via unspecified vectors, as demonstrated by overwriting the value of the userid...
CVE-2013-5674
Moodle 2.5.x (before 2.5.2) is vulnerable in badges/external.php where unserializing a description of an external badge allows PHP object injection via unspecified vectors, demonstrated by overwriting the userid value. This can enable remote manipulation and has partial impact on confidentiality/...
Moodle CMS 2.5.0-1 Cross Site Scripting
============================================= - Original release date: 15 September, 2013 - Discovered by: Emilio Pinna Application Security Analyst at Abinsula - Contact: emilio pinn gmail ============================================= VULNERABILITY ---------------------- Moodle CMS version 2.5.0...