36 matches found
PT-2019-19341 · Cms Made Simple · Cms Made Simple
Name of the Vulnerable Software and Affected Versions: CMS Made Simple version 2.2.8 Description: An issue was discovered in the FilePicker module, where it is possible to reach an unserialize call with an untrusted parameter, achieving authenticated object injection. Recommendations: For CMS Mad...
CMS Made Simple < 2.2.10 Multiple Vulnerabilities
CMS Made Simple is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Server-Side Request Forgery (SSRF)
moodle is vulnerable to server-side request forgery SSRF attacks. A malicious user can pass an arbitrary URL to the filepicker AJAX to retrieve and view any URL through it...
CVE-2018-10083
CMS Made Simple CMSMS through 2.2.7 contains an arbitrary file deletion vulnerability in the admin dashboard via directory traversal sequences in the val parameter within a cmd=del request, because code under modules\FilePicker does not restrict the val parameter...
CVE-2018-10083
CMS Made Simple CMSMS through 2.2.7 contains an arbitrary file deletion vulnerability in the admin dashboard via directory traversal sequences in the val parameter within a cmd=del request, because code under modules\FilePicker does not restrict the val parameter...
Moodle Cross-Site Request Forgery Vulnerability (CNVD-2018-02378)
Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment, developed by Dr. Martin Dougiamas of Australia. filepicker is one of the file selectors. A cross-site request forgery vulnerability...
CVE-2018-1042
Moodle 3.x has Server Side Request Forgery in the filepicker...
Server side request forgery (ssrf)
Moodle 3.x has Server Side Request Forgery in the filepicker...
CVE-2018-1042
Moodle 3.x has Server Side Request Forgery in the filepicker...
UBUNTU-CVE-2018-1042
Moodle 3.x has Server Side Request Forgery in the filepicker...
CVE-2018-1042
Moodle 3.x has Server Side Request Forgery in the filepicker...
CVE-2018-1042
Moodle 3.x has Server Side Request Forgery in the filepicker...
CVE-2018-1042
Summary of CVE-2018-1042 (Moodle SSRF): Moodle 3.x is affected by a server-side request forgery in the filepicker. The underlying issue is an SSRF in the filepicker function, enabling an attacker (reported as authenticated) to issue requests from the vulnerable Moodle host, potentially probing in...
Design/Logic Flaw
In CMS Made Simple CMSMS 2.2.2, remote authenticated administrators can upload a .php file via a CMSContentManager action to admin/moduleinterface.php, followed by a FilePicker action to admin/moduleinterface.php in which type=image is changed to type=file...
Google Chrome webkitdirectory Information Disclosure
Google was the first vendor I contacted regarding this. After initially recieving a SEC-MEDIUM rating, it was later changed to SEC-LOW and ignored for months 6. It turned out that Chrome would be able to detect this type of bug if anyone would try to use it on a mass scale, as it is logged by...
openSUSE Security Update : MozillaFirefox (MozillaFirefox-1597)
The Mozilla Firefox 3.5.5 release fixes some instability issues caused by the 3.5.4 security upgrade. One crash was assigned a CVE number: CVE-2009-3978: The nsGIFDecoder2::GifWrite function in decoders/gif/nsGIFDecoder2.cpp in libpr0n in Mozilla Firefox before 3.5.5 allows remote attackers to...