EUVD-2022-0480

Malicious code in bioql PyPI...

EUVD-2022-7001

Malicious code in bioql PyPI...

BIT-MOODLE-2022-0332

A flaw was found in Moodle in versions 3.11 to 3.11.4. An SQL injection risk was identified in the h5p activity web service responsible for fetching user attempt data...

Moodle 3.9.x < 3.9.12 Multiple Vulnerabilities

The version of Moodle installed on the remote host is 3.9.x prior to 3.9.12, 3.10.x prior to 3.10.9 or 3.11.x prior to 3.11.5. It is, therefore, affected by multiple vulnerabilities: - An SQL injection vulnerability in the h5p activity web service responsible for fetching user attempt data...

Moodle 4.0.x < 4.0.4 Multiple Vulnerabilities

The version of Moodle installed on the remote host is 3.9.x prior to 3.9.17, 3.11.x prior to 3.11.10 or 4.0.x prior to 4.0.4. It is, therefore, affected by multiple vulnerabilities: - A stored Cross-Site Scripting XSS and page Denial of Service DoS vulnerabilities due to recursive rendering in...

CVE-2022-40316

The H5P activity attempts report did not filter by groups, which in separate groups mode could reveal information to non-editing teachers about attempts/users in groups they should not have access to...

CVE-2022-40316

The H5P activity attempts report did not filter by groups, which in separate groups mode could reveal information to non-editing teachers about attempts/users in groups they should not have access to...

CVE-2022-40316

The H5P activity attempts report did not filter by groups, which in separate groups mode could reveal information to non-editing teachers about attempts/users in groups they should not have access to...

CVE-2022-40316

The H5P activity attempts report did not filter by groups, which in separate groups mode could reveal information to non-editing teachers about attempts/users in groups they should not have access to...

CVE-2022-40316

The H5P activity attempts report did not filter by groups, which in separate groups mode could reveal information to non-editing teachers about attempts/users in groups they should not have access to...

Moodle 3.11.4 - SQL Injection

Exploit Title: Moodle 3.11.4 - SQL Injection Date: 30/01/2022 Exploit Author: lavclash75 Vendor Homepage: https://moodle.org/ Version: Moodle 3.11 to 3.11.4 CVE: CVE-2022-0332 POC GET...

Moodle 3.11.4 - SQL Injection Vulnerability

Exploit Title: Moodle 3.11.4 - SQL Injection Exploit Author: lavclash75 Vendor Homepage: https://moodle.org/ Version: Moodle 3.11 to 3.11.4 CVE: CVE-2022-0332 POC GET...

GHSA-6JHM-4VMX-MR76 SQL injection in Moodle

A flaw was found in Moodle in versions 3.11 to 3.11.4. An SQL injection risk was identified in the h5p activity web service responsible for fetching user attempt data...

SQL injection in Moodle

A flaw was found in Moodle in versions 3.11 to 3.11.4. An SQL injection risk was identified in the h5p activity web service responsible for fetching user attempt data...

Exploit for SQL Injection in Moodle

CVE-2022-0332 Moodle 3.11 to 3.11.4 - SQL injection...

CVE-2022-0332

A flaw was found in Moodle in versions 3.11 to 3.11.4. An SQL injection risk was identified in the h5p activity web service responsible for fetching user attempt data...

CVE-2022-0332

A flaw was found in Moodle in versions 3.11 to 3.11.4. An SQL injection risk was identified in the h5p activity web service responsible for fetching user attempt data...

Sql injection

A flaw was found in Moodle in versions 3.11 to 3.11.4. An SQL injection risk was identified in the h5p activity web service responsible for fetching user attempt data...

CVE-2022-0332

CVE-2022-0332 affects Moodle 3.11–3.11.4, where an SQL injection vulnerability exists in the h5p activity web service used to fetch user attempt data. Root cause: inadequate sanitization/validation of inputs in mod_h5pactivity_get_user_attempts, enabling attacker-controlled SQL fragments. Impact ...

Moodle SQL注入漏洞

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. Moodle 3.11 through 3.11.4 suffers from a SQL injection vulnerability that stems from insufficient cleaning of user-supplied data in th...