11 matches found
EUVD-2018-3238
Malware in sbrugna...
CVE-2018-11196
Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04 before 18.04.1 can be used as medium to transmit viruses by placing infected files into a Leap2A archive and uploading that to Mahara. In contrast to other ZIP files that are uploaded, ClamAV when activated does not check Leap2A...
Code injection
Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04 before 18.04.1 can be used as medium to transmit viruses by placing infected files into a Leap2A archive and uploading that to Mahara. In contrast to other ZIP files that are uploaded, ClamAV when activated does not check Leap2A...
CVE-2018-11196
Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04 before 18.04.1 can be used as medium to transmit viruses by placing infected files into a Leap2A archive and uploading that to Mahara. In contrast to other ZIP files that are uploaded, ClamAV when activated does not check Leap2A...
CVE-2018-11196
Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04 before 18.04.1 can be used as medium to transmit viruses by placing infected files into a Leap2A archive and uploading that to Mahara. In contrast to other ZIP files that are uploaded, ClamAV when activated does not check Leap2A...
CVE-2018-11196
Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04 before 18.04.1 can be used as medium to transmit viruses by placing infected files into a Leap2A archive and uploading that to Mahara. In contrast to other ZIP files that are uploaded, ClamAV when activated does not check Leap2A...
CVE-2018-11196
The CVE-2018-11196 entry affects Mahara releases 17.04 before 17.04.8, 17.10 before 17.10.5, and 18.04 before 18.04.1. The issue allows an attacker to use Leap2A archives to transfer infected files by uploading them to Mahara; Unlike standard ZIP uploads, ClamAV scanning (when active) does not in...
CVE-2017-1000133
Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to a user - in some circumstances causing another user's artefacts to be included in a Leap2a export of their own pages...
Code injection
Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to a user - in some circumstances causing another user's artefacts to be included in a Leap2a export of their own pages...
CVE-2017-1000133
Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to a user - in some circumstances causing another user's artefacts to be included in a Leap2a export of their own pages...
CVE-2017-1000133
Mahara versions affected: 15.04 before 15.04.8, 15.10 before 15.10.4, and 16.04 before 16.04.2. The vulnerability allows an attacker to cause another user’s artefacts to be included in the attacker’s Leap2a export, effectively enabling exposure of another user’s artefacts. Some connected sources ...