757 matches found
Moodle Information Disclosure Vulnerability (CNVD-2022-54951)
Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. moodle suffers from an information disclosure vulnerability that can be exploited by attackers to gain unauthorized access to sensitive...
Unspecified vulnerability exists in moodle (CNVD-2022-54952)
Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. a security vulnerability exists in Moodle, which stems from the description user field failing to hide when set to hidden. No details o...
Moodle Access Control Error Vulnerability (CNVD-2022-54953)
Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. an access control error vulnerability exists in Moodle, which stems from the calendar:manageentries feature allowing managers to acces...
Moodle Access Control Error Vulnerability (CNVD-2022-54955)
Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. an access control error vulnerability exists in Moodle, which stems from improper access restrictions. A remote attacker could use the...
Moodle Licensing Issue Vulnerability (CNVD-2022-54954)
Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. a security vulnerability exists in Moodle, which stems from an application that does not properly impose security restrictions. A remo...
CVE-2021-25029
The CLUEVO LMS, E-Learning Platform WordPress plugin before 1.8.1 does not sanitise and escape Course's module, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
Cross site scripting
The CLUEVO LMS, E-Learning Platform WordPress plugin before 1.8.1 does not sanitise and escape Course's module, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2021-25029
CVE-2021-25029 affects the WordPress CLUEVO LMS plugin prior to version 1.8.1. The vulnerability arises because the plugin does not sanitize and escape data in the Course module, enabling stored Cross‑Site Scripting (XSS) by high-privilege users even when unfiltered_html is disallowed. Impact is ...
CVE-2021-25029 Cluevo < 1.8.1 - Admin+ Stored Cross Site Scripting
The CLUEVO LMS, E-Learning Platform WordPress plugin before 1.8.1 does not sanitise and escape Course's module, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
Wordpress Plugin CLUEVO LMS, E-Learning Platform 跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists i...
Moodle Access Control Error Vulnerability (CNVD-2022-09259)
Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. Moodle suffers from an Access Control Error vulnerability that arises from a networked system or product that does not properly restric...
WordPress CLUEVO LMS, E-Learning Platform plugin <= 1.8.0 - Stored Cross-Site Scripting (XSS) vulnerability
Stored Cross-Site Scripting XSS vulnerability discovered by Rutuja D Shirke in WordPress CLUEVO LMS, E-Learning Platform plugin versions = 1.8.0. Solution Update the WordPress CLUEVO LMS, E-Learning Platform plugin to the latest available version at least 1.8.1...
OpenOlat has unspecified vulnerabilities
OpenOLAT is a web-based e-learning platform for teaching, learning, assessing and communicating with an LMS, a learning management system. a security vulnerability exists in versions of OpenOlat prior to 15.5.12 and 16.0.5, which stems from the fact that by providing a file name containing a...
e-learning.polban.ac.id Cross Site Scripting vulnerability OBB-2300116
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
e-learning-chodel.eurzad.eu Cross Site Scripting vulnerability OBB-2288268
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Moodle permission permission and access control issue vulnerability (CNVD-2021-93378)
Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. moodle has a permission permission and access control issue vulnerability that stems from insufficient detection of functionality in t...
Moodle Input Validation Error Vulnerability (CNVD-2021-92540)
Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. a security vulnerability exists in Moodle, which stems from a problem when the software restores backup files. an attacker could...
Moodle Cross-Site Request Forgery Vulnerability (CNVD-2021-92541)
Moodle is a free and open source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. This could lead to cross-site request forgery attacks. No details of the vulnerability are currently available...
elearning.marcoaurelio.comune.roma.it Cross Site Scripting vulnerability OBB-2210825
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
e-learning.outsphera.it Cross Site Scripting vulnerability OBB-2210815
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...