EUVD-2022-1932

Malicious code in bioql PyPI...

EUVD-2023-3049

Malicious code in bioql PyPI...

BIT-MOODLE-2023-5540 Moodle: authenticated remote code execution risk in imscp

A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers...

Arbitrary Code Execution

moodle/moodle is vulnerable to Arbitrary Code Execution. The vulnerability exists in the IMSCP activity which allows an attacker to inject and execute arbitrary codes into the system...

GHSA-W8X2-W4QR-V3X4 Moodle Code Injection vulnerability

A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers...

Moodle Code Injection vulnerability

A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers...

CVE-2023-5540

A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers...

CVE-2023-5540

A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers...

CVE-2023-5540

A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers...

Remote code execution

A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers...

UBUNTU-CVE-2023-5540

A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers...

CVE-2023-5540 Moodle: authenticated remote code execution risk in imscp

A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers...

CVE-2023-5540 Moodle: authenticated remote code execution risk in imscp

A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers...

CVE-2023-5540

CVE-2023-5540 describes a remote code execution risk in Moodle’s IMSCP activity, with access by default limited to teachers/managers. Connected sources confirm RCE in IMSCP across Moodle versions via authenticated pathways; several Nessus entries flag the vulnerability as unpatched (no vendor pat...

Moodle Security Breach

Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A security vulnerability exists in Moodle versions prior to 4.2 through 4.2.2, 4.1 through 4.1.5, 4.0 through 4.0.10, 3.11 through...

PT-2023-32164 · Moodle · Moodle

Name of the Vulnerable Software and Affected Versions: Moodle affected versions not specified Description: A remote code execution risk was identified in the IMSCP activity. By default, this was only available to teachers and managers. Recommendations: At the moment, there is no information about...

Moodle < 3.9.24, 3.11.x < 3.11.17, 4.0.x < 4.0.11, 4.1.x < 4.1.6, 4.2.x < 4.2.3 Multiple Vulnerabilities

Moodle is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:moodle:moodle"; ifdescription...

Moodle Arbitrary File Read via XML External Entity vulnerability

mod/imscp/locallib.php in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote attackers to read arbitrary files via a package with a manifest file containing an XML external entity declaration in conjunction with an entity...

Mageia: Security Advisory (MGASA-2014-0308)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Information Disclosure

imscp/roundcube is vulnerable to information disclosures. The enigma plugin has insecure permissions, allowing a malicious user who has access to the web server to gain access to the gpg private key...