16 matches found
EUVD-2010-1690
Malware in sbrugna...
EUVD-2020-30207
Malware in sbrugna...
EUVD-2009-3280
Malware in sbrugna...
EUVD-2011-1413
Malware in sbrugna...
EUVD-2020-30208
Malware in sbrugna...
EUVD-2017-18482
Malware in sbrugna...
EUVD-2022-47486
Malicious code in bioql PyPI...
EUVD-2022-45773
Malicious code in bioql PyPI...
CVE-2022-44544
Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04 before 22.04.3, and 22.10 before 22.10.0 potentially allow a PDF export to trigger a remote shell if the site is running on Ubuntu and the flag -dSAFER is not set with Ghostscript...
CVE-2021-40848
In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, exported CSV files could contain characters that a spreadsheet program could interpret as a command, leading to execution of a malicious string locally on a device, aka CSV injection...
CVE-2018-11195
Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04 before 18.04.1 are vulnerable to the browser "back and refresh" attack. This allows malicious users with physical access to the web browser of a Mahara user, after they have logged in, to potentially gain access to their Mahara...
CVE-2017-1000156
Mahara 15.04 before 15.04.9 and 15.10 before 15.10.5 and 16.04 before 16.04.3 are vulnerable to a group's configuration page being editable by any group member even when they didn't have the admin role...
CVE-2017-1000151
Mahara 15.04 before 15.04.9 and 15.10 before 15.10.5 and 16.04 before 16.04.3 are vulnerable to passwords or other sensitive information being passed by unusual parameters to end up in an error log...
CVE-2017-1000146
Mahara 1.9 before 1.9.7 and 1.10 before 1.10.5 and 15.04 before 15.04.2 are vulnerable to the arbitrary execution of Javascript in the browser of a logged-in user because the title of the portfolio page was not being properly escaped in the AJAX script that updates the Add/remove watchlist link o...
CVE-2017-1000156
Mahara 15.04 before 15.04.9 and 15.10 before 15.10.5 and 16.04 before 16.04.3 are vulnerable to a group's configuration page being editable by any group member even when they didn't have the admin role...
CVE-2013-4432
Mahara before 1.5.13, 1.6.x before 1.6.8, and 1.7.x before 1.7.4 does not properly restrict access to folders, which allows remote authenticated users to read arbitrary folders 1 by leveraging an active folder tab loaded before permissions were removed or 2 via the folder parameter to...