Lucene search
K

5 matches found

OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.19 views

Mageia: Security Advisory (MGASA-2014-0483)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.02427EPSS
Exploits0References19
UbuntuCve
UbuntuCve
added 2014/11/24 11:59 a.m.26 views

CVE-2014-7846

tag/tagautocomplete.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not consider the moodle/tag:edit capability before adding a tag, which allows remote authenticated users to bypass intended access restrictions via an AJAX request...

4CVSS5.9AI score0.01712EPSS
Exploits0References2
CVE
CVE
added 2014/11/24 11:0 a.m.58 views

CVE-2014-7846

Vulnerability details (CVE-2014-7846) affect Moodle tag_autocomplete.php across multiple releases: Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3. Root cause: the code does not consider the moodle/tag:edit capability before adding a tag, allowing remote auth...

4CVSS6.2AI score0.01712EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2014/11/24 11:0 a.m.24 views

CVE-2014-7846

tag/tagautocomplete.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not consider the moodle/tag:edit capability before adding a tag, which allows remote authenticated users to bypass intended access restrictions via an AJAX request...

6AI score0.01712EPSS
Exploits0References4
Mageia
Mageia
added 2014/11/22 10:54 a.m.70 views

Updated moodle package fixes security vulnerabilities

In Moodle before 2.6.5, without forcing encoding, it was possible that UTF7 characters could be used to force cross-site scripts to AJAX scripts although this is unlikely on modern browsers and on most Moodle pages MSA-14-0035. In Moodle before 2.6.5, an XSS issue through $searchcourse in...

7.5CVSS6.5AI score0.02427EPSS
Exploits0References17
Rows per page
Query Builder