EUVD-2023-3049

Malicious code in bioql PyPI...

EUVD-2022-1932

Malicious code in bioql PyPI...

BIT-MOODLE-2023-5540 Moodle: authenticated remote code execution risk in imscp

A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers...

Arbitrary Code Execution

moodle/moodle is vulnerable to Arbitrary Code Execution. The vulnerability exists in the IMSCP activity which allows an attacker to inject and execute arbitrary codes into the system...

Moodle Code Injection vulnerability

A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers...

GHSA-W8X2-W4QR-V3X4 Moodle Code Injection vulnerability

A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers...

CVE-2023-5540

A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers...

CVE-2023-5540

A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers...

Remote code execution

A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers...

UBUNTU-CVE-2023-5540

A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers...

CVE-2023-5540

A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers...

CVE-2023-5540 Moodle: authenticated remote code execution risk in imscp

A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers...

CVE-2023-5540

CVE-2023-5540 describes a remote code execution risk in Moodle’s IMSCP activity, with access by default limited to teachers/managers. Connected sources confirm RCE in IMSCP across Moodle versions via authenticated pathways; several Nessus entries flag the vulnerability as unpatched (no vendor pat...

CVE-2023-5540 Moodle: authenticated remote code execution risk in imscp

A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers...

Moodle Security Breach

Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A security vulnerability exists in Moodle versions prior to 4.2 through 4.2.2, 4.1 through 4.1.5, 4.0 through 4.0.10, 3.11 through...

PT-2023-32164 · Moodle · Moodle

Name of the Vulnerable Software and Affected Versions: Moodle affected versions not specified Description: A remote code execution risk was identified in the IMSCP activity. By default, this was only available to teachers and managers. Recommendations: At the moment, there is no information about...

Moodle < 3.9.24, 3.11.x < 3.11.17, 4.0.x < 4.0.11, 4.1.x < 4.1.6, 4.2.x < 4.2.3 Multiple Vulnerabilities

Moodle is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:moodle:moodle"; ifdescription...

Moodle Arbitrary File Read via XML External Entity vulnerability

mod/imscp/locallib.php in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote attackers to read arbitrary files via a package with a manifest file containing an XML external entity declaration in conjunction with an entity...

Mageia: Security Advisory (MGASA-2014-0308)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Information Disclosure

imscp/roundcube is vulnerable to information disclosures. The enigma plugin has insecure permissions, allowing a malicious user who has access to the web server to gain access to the gpg private key...