Lucene search
+L

9 matches found

nessus
nessus
added 2025/09/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2021-32474

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An SQL injection risk existed on sites with MNet enabled and configured, via an XML-RPC call from the connected peer host. Note that this required site...

7.2CVSS7.5AI score0.00912EPSS
Exploits0References2
redos
redos
added 2024/03/13 12:0 a.m.12 views

ROS-2-1540

2.1540 Multiple Vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...

7.5CVSS8.3AI score0.01157EPSS
Exploits0
redos
redos
added 2024/03/13 12:0 a.m.19 views

ROS-2-1317

2.1317 Multiple vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...

7.5CVSS8.7AI score0.01157EPSS
Exploits0
redos
redos
added 2024/03/13 12:0 a.m.29 views

ROS-2-471

2.471 Multiple Vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...

7.5CVSS8.2AI score0.01157EPSS
Exploits0
cvelist
cvelist
added 2022/03/11 5:54 p.m.46 views

CVE-2021-32474

An SQL injection risk existed on sites with MNet enabled and configured, via an XML-RPC call from the connected peer host. Note that this required site administrator access or access to the keypair. Moodle 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions...

7.6AI score0.00912EPSS
Exploits0References1
cve
cve
added 2022/03/11 5:54 p.m.104 views

CVE-2021-32474

CVE-2021-32474 is an SQL injection vulnerability in Moodle when MNet is enabled, exploitable via an XML-RPC call from a connected peer. The issue requires site administrator access or access to the keypair. Affected Moodle versions include 3.10 up to 3.10.3, 3.9 up to 3.9.6, 3.8 up to 3.8.8, 3.5 ...

7.2CVSS6.7AI score0.00912EPSS
Exploits0References1Affected Software1
redos
redos
added 2021/09/08 12:0 a.m.14 views

ROS-2-1246

2.1246 Multiple vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...

7.8CVSS8.4AI score0.01236EPSS
Exploits1
redos
redos
added 2021/09/08 12:0 a.m.16 views

ROS-2-845

2.845 Multiple vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...

7.5CVSS8.4AI score0.04006EPSS
Exploits1
openvas
openvas
added 2021/07/06 12:0 a.m.20 views

Moodle < 3.5.18, 3.8.x < 3.8.9, 3.9.x < 3.9.7, 3.10.x < 3.10.4 Multiple Vulnerability

Moodle is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS6.3AI score0.01073EPSS
Exploits0References4
Rows per page
Query Builder