Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-3806

Malicious code in bioql PyPI...

4.3CVSS6AI score0.01693EPSS
Exploits0References13
OSV
OSV
added 2022/05/13 1:12 a.m.14 views

GHSA-FMQ9-58Q4-XJW5 Moodle allows attackers to discover hidden course names

admin/tool/monitor/lib.php in Event Monitor in Moodle 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 does not consider the moodle/course:viewhiddencourses capability, which allows remote authenticated users to discover hidden course names by subscribing to a rule...

4.3CVSS5.8AI score0.01693EPSS
Exploits0References12
Github Security Blog
Github Security Blog
added 2022/05/13 1:12 a.m.22 views

Moodle allows attackers to discover hidden course names

admin/tool/monitor/lib.php in Event Monitor in Moodle 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 does not consider the moodle/course:viewhiddencourses capability, which allows remote authenticated users to discover hidden course names by subscribing to a rule...

4.3CVSS6.2AI score0.01693EPSS
Exploits0References12Affected Software1
Veracode
Veracode
added 2017/07/26 7:53 p.m.21 views

Course Name Disclosure

Moodle is vulnerable to course name disclosure. Authenticated attackers can leverage a flaw in admin/tool/monitor/lib.php to find hidden course names by subscribing to rules. These attacks are possible because moodle ignores the moodle/course:viewhiddencourses capability...

4.3CVSS6.1AI score0.01693EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2017/07/18 12:0 a.m.4 views

Moodle Information Disclosure Vulnerability (CNVD-2017-24413)

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment, developed by Dr. Martin Dougiamas of Australia. A security vulnerability exists in the Course overview block of Moodle version 3.3. An...

4.3CVSS4.6AI score0.00907EPSS
Exploits0References1
NVD
NVD
added 2016/05/22 8:59 p.m.14 views

CVE-2016-2154

admin/tool/monitor/lib.php in Event Monitor in Moodle 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 does not consider the moodle/course:viewhiddencourses capability, which allows remote authenticated users to discover hidden course names by subscribing to a rule...

4.3CVSS5.2AI score0.01693EPSS
Exploits0References4
OSV
OSV
added 2016/05/22 8:59 p.m.5 views

CVE-2016-2154

admin/tool/monitor/lib.php in Event Monitor in Moodle 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 does not consider the moodle/course:viewhiddencourses capability, which allows remote authenticated users to discover hidden course names by subscribing to a rule...

4.3CVSS4.6AI score
Exploits0References4
UbuntuCve
UbuntuCve
added 2016/05/22 8:59 p.m.21 views

CVE-2016-2154

admin/tool/monitor/lib.php in Event Monitor in Moodle 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 does not consider the moodle/course:viewhiddencourses capability, which allows remote authenticated users to discover hidden course names by subscribing to a rule...

4.3CVSS6.6AI score0.01693EPSS
Exploits0References2
Prion
Prion
added 2016/05/22 8:59 p.m.16 views

Design/Logic Flaw

admin/tool/monitor/lib.php in Event Monitor in Moodle 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 does not consider the moodle/course:viewhiddencourses capability, which allows remote authenticated users to discover hidden course names by subscribing to a rule...

4CVSS6.5AI score0.01693EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2016/05/22 8:0 p.m.55 views

CVE-2016-2154

Moodle’s Event Monitor (admin/tool/monitor/lib.php) in versions 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 does not honor moodle/course:viewhiddencourses, allowing remote authenticated users to discover hidden course names by subscribing to a rule. Impact is partial confident...

4.3CVSS5.7AI score0.01693EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2016/03/25 6:38 a.m.17 views

MGASA-2016-0122 Updated moodle packages fix security vulnerability

In Moodle before 2.8.11, teachers who otherwise were not supposed to see students' emails could see them in the participants list CVE-2016-2151. In Moodle before 2.8.11, Moodle traditionally trusted content from external DB, however it was decided that external datasources may not be aware of web...

8.8CVSS5.2AI score0.01931EPSS
Exploits0References14
Rows per page
Query Builder