Lucene search
K

13 matches found

CNVD
CNVD
added 2025/05/07 12:0 a.m.5 views

Moodle Information Disclosure Vulnerability (CNVD-2025-09237)

Moodle is Moodle open source set of free e-learning software platform, also known as course management system, learning management system or virtual learning environment. Moodle suffers from an information disclosure vulnerability that stems from the edit and delete pages of the moddata module...

3.1CVSS6AI score0.00296EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/04/30 12:0 a.m.4 views

The vulnerability of the mod_data module in the virtual training environment Moodle, which allows a intruder to gain unauthorized access to protected information

The vulnerability of the moddata module in the virtual training environment Moodle is related to the disclosure of information through query strings. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

3.1CVSS5.4AI score0.00296EPSS
Exploits0References4Affected Software2
Veracode
Veracode
added 2025/04/29 4:14 a.m.6 views

Cross-Site Request Forgery (CSRF)

moodle/moodle is vulnerable to Cross-Site Request Forgery CSRF. The vulnerability is due to information leakage through URLs due to confidential CSRF protection data being exposed on edit and delete pages within the moddata module, allows an attacker to potentially perform Cross-Site Request...

3.1CVSS6.6AI score0.00296EPSS
Exploits0References7Affected Software1
CNNVD
CNNVD
added 2025/04/22 12:0 a.m.4 views

Moodle 安全漏洞

Moodle is Moodle open source set of free e-learning software platform, also known as course management system, learning management system or virtual learning environment. Moodle suffers from an information disclosure vulnerability that stems from the edit and delete pages of the moddata module...

3.1CVSS6.1AI score0.00296EPSS
Exploits0References5
OSV
OSV
added 2024/01/20 12:30 a.m.15 views

GHSA-9RHQ-86FM-QXQC Duplicate Advisory: Hard-coded credentials in org.folio:mod-data-export-spring

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-vf78-3q9f-92g3. This link is maintained to preserve external references. Original Description Hard-coded credentials in FOLIO mod-data-export-spring versions before 1.5.4 and from 2.0.0 to 2.0.2 allows...

9.1CVSS8.1AI score0.00646EPSS
Exploits0References8
NVD
NVD
added 2024/01/19 10:15 p.m.17 views

CVE-2024-23687

Hard-coded credentials in FOLIO mod-data-export-spring versions before 1.5.4 and from 2.0.0 to 2.0.2 allows unauthenticated users to access critical APIs, modify user data, modify configurations including single-sign-on, and manipulate fees/fines...

9.1CVSS9.2AI score0.00646EPSS
Exploits0References5
OSV
OSV
added 2024/01/19 10:15 p.m.21 views

CVE-2024-23687

Hard-coded credentials in FOLIO mod-data-export-spring versions before 1.5.4 and from 2.0.0 to 2.0.2 allows unauthenticated users to access critical APIs, modify user data, modify configurations including single-sign-on, and manipulate fees/fines...

9.1CVSS8.8AI score
Exploits0References5
Cvelist
Cvelist
added 2024/01/19 9:15 p.m.17 views

CVE-2024-23687 FOLIO mod-data-export-spring Hard-Coded Credentials

Hard-coded credentials in FOLIO mod-data-export-spring versions before 1.5.4 and from 2.0.0 to 2.0.2 allows unauthenticated users to access critical APIs, modify user data, modify configurations including single-sign-on, and manipulate fees/fines...

9.5AI score0.00646EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/01/19 9:15 p.m.25 views

CVE-2024-23687 FOLIO mod-data-export-spring Hard-Coded Credentials

Hard-coded credentials in FOLIO mod-data-export-spring versions before 1.5.4 and from 2.0.0 to 2.0.2 allows unauthenticated users to access critical APIs, modify user data, modify configurations including single-sign-on, and manipulate fees/fines...

8.7AI score0.00646EPSS
Exploits0References5
CVE
CVE
added 2024/01/19 9:15 p.m.83 views

CVE-2024-23687

CVE-2024-23687 affects the FOLIO module-data-export-spring. The issue arises from hard-coded credentials in the module, allowing unauthenticated access to critical APIs and enabling modification of user data, configurations (including single sign-on), and fees/fines. Affected versions are before ...

9.1CVSS8.7AI score0.00646EPSS
Exploits0References5Affected Software1
CNNVD
CNNVD
added 2024/01/19 12:0 a.m.4 views

mod-data-export-spring Trust Management Issues Vulnerability

mod-data-export-spring is a FOLIO open source API for data export Spring modules. A security vulnerability exists in mod-data-export-spring versions prior to 1.5.4, 2.0.0 through 2.0.2, which stems from the use of hard-coded credentials...

9.1CVSS6.8AI score0.00646EPSS
Exploits0References7
CNVD
CNVD
added 2016/03/22 12:0 a.m.4 views

Moodle mod_data advanced search cross-site scripting vulnerability

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment, developed by Dr. Martin Dougiamas of Australia. A cross-site scripting vulnerability exists in the moddata advanced search in Moodle...

6.1CVSS6AI score0.01465EPSS
Exploits0References1
CVE
CVE
added 2014/11/24 11:0 a.m.47 views

CVE-2014-7833

CVE-2014-7833 affects Moodle releases up to 2.7.3, where mod/data/edit.php changes set a group ID to zero after a database-entry change. This behavior can allow remote authenticated users to disclose sensitive information by viewing the database after a teacher edits data. The root cause is descr...

4CVSS5.7AI score0.01674EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder