EUVD-2021-0644

Malware in sbrugna...

Privilage Escalation in moodle

If the upload course tool in Moodle was used to delete an enrollment method which did not exist or was not already enabled, the tool would erroneously enable that enrollment method. This could lead to unintended users gaining access to the course. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3....

GHSA-C9HQ-G4Q8-W893 Privilage Escalation in moodle

If the upload course tool in Moodle was used to delete an enrollment method which did not exist or was not already enabled, the tool would erroneously enable that enrollment method. This could lead to unintended users gaining access to the course. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3....

Moodle < 3.5.14, 3.7.x < 3.7.9, 3.8.x < 3.8.6, 3.9.x < 3.9.3 Multiple Vulnerabilities

Moodle is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Privilege Escalation

moodle/moodle is vulnerable to privilege escalation. The vulnerability exists when an enrollment method that did not exist, or was disabled, would be enabled if it was deleted, allowing unintended users access to the course...

CVE-2020-25701

If the upload course tool in Moodle was used to delete an enrollment method which did not exist or was not already enabled, the tool would erroneously enable that enrollment method. This could lead to unintended users gaining access to the course. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3....

UBUNTU-CVE-2020-25701

If the upload course tool in Moodle was used to delete an enrollment method which did not exist or was not already enabled, the tool would erroneously enable that enrollment method. This could lead to unintended users gaining access to the course. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3....

CVE-2020-25701

If the upload course tool in Moodle was used to delete an enrollment method which did not exist or was not already enabled, the tool would erroneously enable that enrollment method. This could lead to unintended users gaining access to the course. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3....

CVE-2020-25701

If the upload course tool in Moodle was used to delete an enrollment method which did not exist or was not already enabled, the tool would erroneously enable that enrollment method. This could lead to unintended users gaining access to the course. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3....

CVE-2020-25701

CVE-2020-25701 describes a Moodle vulnerability where the upload course tool would erroneously enable an enrollment method when deleting one that didn’t exist or wasn’t enabled, potentially letting unintended users access a course. Affected versions include Moodle 3.9.x (3.9.2 and earlier), 3.8.x...

Moodle 访问控制错误漏洞

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. Moodle suffers from an access control error vulnerability that stems from the fact that if the Upload Course tool is used to delete an...

PT-2020-16163 · Moodle +1 · Moodle +1

Name of the Vulnerable Software and Affected Versions: Moodle versions 3.5 to 3.5.14 Moodle versions 3.7 to 3.7.8 Moodle versions 3.8 to 3.8.5 Moodle versions 3.9 to 3.9.2 Description: The upload course tool in Moodle contains an issue where deleting a non-existent or disabled enrollment method...