Lucene search
K

7 matches found

CVE
CVE
added 2026/04/24 12:0 a.m.12 views

CVE-2025-59308

In Mahara, versions before 24.04.10 and 25 before 25.04.1 allow an institution administrator or institution support administrator on a multi-tenant site to masquerade as an institution member in another institution if they also hold the 'Site staff' role. This is the core vulnerability described ...

4.7CVSS5.2AI score0.00177EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/24 12:0 a.m.28 views

CVE-2025-59308

In Mahara before 24.04.10 and 25 before 25.04.1, an institution administrator or institution support administrator on a multi-tenanted site can masquerade as an institution member in an institution for which they are not an administrator, if they also have the 'Site staff' role...

0.00177EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-54986

Malicious code in bioql PyPI...

9.1CVSS6.6AI score0.00302EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/30 6:16 p.m.6 views

CVE-2024-39335

Supported versions of Mahara 24.04 before 24.04.1 and 23.04 before 23.04.6 are vulnerable to information being disclosed to an institution administrator under certain conditions via the 'Current submissions' page: Administration - Groups - Submissions...

9.1CVSS6.7AI score0.00302EPSS
Exploits0References1
OSV
OSV
added 2025/08/26 3:15 p.m.3 views

CVE-2024-39335

Supported versions of Mahara 24.04 before 24.04.1 and 23.04 before 23.04.6 are vulnerable to information being disclosed to an institution administrator under certain conditions via the 'Current submissions' page: Administration - Groups - Submissions...

9.1CVSS5.8AI score0.00302EPSS
Exploits0References2
NVD
NVD
added 2025/08/26 3:15 p.m.15 views

CVE-2024-39335

Supported versions of Mahara 24.04 before 24.04.1 and 23.04 before 23.04.6 are vulnerable to information being disclosed to an institution administrator under certain conditions via the 'Current submissions' page: Administration - Groups - Submissions...

9.1CVSS0.00302EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/21 9:30 p.m.7 views

CVE-2009-3298

Mahara before 1.0.13, and 1.1.x before 1.1.7, allows remote authenticated institution administrators to reset a site administrator password via unspecified vectors...

6.5CVSS6.6AI score0.02322EPSS
Exploits1References1
Rows per page
Query Builder