5 matches found
CVE-2022-28601
CVE-2022-28601 concerns the Simple 2FA Plugin for Moodle by LMS Doctor. A 2FA bypass exists: remote attackers can overwrite the phone number used for confirmation via profile.php, thus bypassing the phone verification mechanism. The affected component is the Moodle plugin’s 2FA handling; the root...
CVE-2022-28986
LMS Doctor Simple 2 Factor Authentication Plugin For Moodle Affected: 2021072900 has an Insecure direct object references IDOR vulnerability, which allows remote attackers to update sensitive records such as email, password and phone number of other user accounts...
Spoofing
LMS Doctor Simple 2 Factor Authentication Plugin For Moodle Affected: 2021072900 has an Insecure direct object references IDOR vulnerability, which allows remote attackers to update sensitive records such as email, password and phone number of other user accounts...
CVE-2022-28986
LMS Doctor Simple 2 Factor Authentication Plugin For Moodle Affected: 2021072900 has an Insecure direct object references IDOR vulnerability, which allows remote attackers to update sensitive records such as email, password and phone number of other user accounts...
Moodle和Darwin Factor 安全漏洞
LMS Doctor 2 Factor Authentication for Moodle is a Moodle plugin for secondary authentication from LMS Doctor. A security vulnerability exists in LMS Doctor 2 Factor Authentication for Moodle that stems from the presence of a double authentication 2FA bypass issue. A remote attacker could use thi...