299 matches found
Online Student Grading System 1.0 Code Injection
Title: Online Student Grading System 1.0 php code injection Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla...
Online Student Grading System 1.0 SQL Injection
Title: Online Student Grading System 1.0 Auth by pass Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox...
BIT-MOODLE-2021-32475
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk. Moodle 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected...
BIT-MOODLE-2023-5546 Moodle: stored xss in quiz grading report via user id number
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk...
Moodle Cross-site Scripting vulnerability
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk...
GHSA-9724-H8P7-R3JV Moodle Cross-site Scripting vulnerability
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk...
CVE-2023-5546
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk...
Cross site scripting
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk...
UBUNTU-CVE-2023-5546
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk...
CVE-2023-5546
CVE-2023-5546 concerns Moodle: stored cross-site scripting via quiz grading report, triggered by displaying user-id numbers without adequate sanitization. The connected sources consistently describe this as a Moodle-related vulnerability where the risk is a stored XSS, arising from insufficient i...
CVE-2023-5546 Moodle: stored xss in quiz grading report via user id number
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk...
PT-2023-32168 · Moodle +8 · Moodle +3
Name of the Vulnerable Software and Affected Versions: Software affected versions not specified Description: The issue concerns a stored XSS risk in the quiz grading report, where ID numbers were not properly sanitized. This could potentially allow for malicious script execution. Recommendations:...
Hacking the High School Grading System
Interesting New York Times article about high-school students hacking the grading system. What's not helping? The policies many school districts are adopting that make it nearly impossible for low-performing students to fail--they have a grading floor under them, they know it, and that allows them...
SUSE CVE-2015-3174
mod/quiz/db/access.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 does not set the RISK_XSS bit for graders, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks via crafted gradebook feedback during manual quiz grading...
Autolab OS Command Injection Vulnerability
Autolab is a course management service. Autolab supports automated grading of programming assignments. An operating system command injection vulnerability exists in Autolab. An attacker could exploit this vulnerability to execute code on the hosted Autolab server...
Autolab path traversal vulnerability
Autolab is a course management service. Autolab supports automatic grading of programming assignments. A path traversal vulnerability exists in Autolab. An attacker could exploit this vulnerability to view the contents of a file...
CVE-2021-31650
A SQL injection vulnerability in Sourcecodester Online Grading System 1.0 allows remote attackers to execute arbitrary SQL commands via the uname parameter...