EUVD-2022-2009

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2021-20283

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The web service responsible for fetching other users' enrolled courses did not validate that the requesting user had permission to view that information in each...

BIT-MOODLE-2021-20283

The web service responsible for fetching other users' enrolled courses did not validate that the requesting user had permission to view that information in each course in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17...

CVE-2021-36392

In Moodle, an SQL injection risk was identified in the library fetching a user's enrolled courses...

CVE-2021-36392

In Moodle, an SQL injection risk was identified in the library fetching a user's enrolled courses...

CVE-2021-36392

In Moodle, an SQL injection risk was identified in the library fetching a user's enrolled courses...

Sql injection

In Moodle, an SQL injection risk was identified in the library fetching a user's enrolled courses...

UBUNTU-CVE-2021-36392

In Moodle, an SQL injection risk was identified in the library fetching a user's enrolled courses...

CVE-2021-36392

CVE-2021-36392 concerns Moodle, where multiple connected sources confirm an SQL injection risk in the library that fetches a user’s enrolled courses. The documents describe the issue in Moodle generally and align on the vulnerability class (SQL injection) but do not provide explicit technical det...

CVE-2021-36392

In Moodle, an SQL injection risk was identified in the library fetching a user's enrolled courses...

CVE-2021-36392

In Moodle, an SQL injection risk was identified in the library fetching a user's enrolled courses...

GHSA-2M72-M5CW-3G9H Missing permission check in Moodle

The web service responsible for fetching other users' enrolled courses did not validate that the requesting user had permission to view that information in each course in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17...

Moodle SQL注入漏洞

Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. Moodle suffers from an SQL injection vulnerability that stems from insufficient handling of user-supplied data when acquiring enrolled...

PT-2021-3681 · Moodle +1 · Moodle +1

Name of the Vulnerable Software and Affected Versions: Moodle affected versions not specified Description: A risk of SQL injection was identified in the library responsible for fetching a user's enrolled courses. This issue is related to a lack of protection measures for SQL queries. Exploitation...

Insecure Access Control

moodle/moodle does not properly validate user's access. The web service responsible for fetching users that are enrolled courses did not validate that the requesting user has the permission to view the information in each course...

CVE-2021-20283

The web service responsible for fetching other users' enrolled courses did not validate that the requesting user had permission to view that information in each course in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17...

CVE-2021-20283

The web service responsible for fetching other users' enrolled courses did not validate that the requesting user had permission to view that information in each course in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17...

UBUNTU-CVE-2021-20283

The web service responsible for fetching other users' enrolled courses did not validate that the requesting user had permission to view that information in each course in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17...

CVE-2021-20283

The web service responsible for fetching other users' enrolled courses did not validate that the requesting user had permission to view that information in each course in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17...

PT-2021-13875 · Moodle +1 · Moodle +1

Name of the Vulnerable Software and Affected Versions: moodle versions prior to 3.10.2 moodle versions prior to 3.9.5 moodle versions prior to 3.8.8 moodle versions prior to 3.5.17 Description: The web service responsible for fetching other users' enrolled courses did not validate that the...