11 matches found
EUVD-2006-4772
Malware in sbrugna...
CVE-2006-6625
Cross-site scripting XSS vulnerability in mod/forum/discuss.php in Moodle 1.6.1 allows remote attackers to inject arbitrary web script or HTML via the navtail parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2006-6625
Cross-site scripting XSS vulnerability in mod/forum/discuss.php in Moodle 1.6.1 allows remote attackers to inject arbitrary web script or HTML via the navtail parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2006-6625
The vulnerability is a Cross-site Scripting (XSS) in Moodle 1.6.1 specifically in mod/forum/discuss.php, exploitable by supplying a crafted value for the navtail parameter. Affected product: Moodle 1.6.1; vulnerable component/function: discuss.php in the forum module. Underlying cause is input ha...
CVE-2006-4786
Moodle 1.6.1 and earlier allows remote attackers to obtain sensitive information via 1 help.php and 2 other unspecified vectors involving scheduled backups...
CVE-2006-4786
Moodle 1.6.1 and earlier allows remote attackers to obtain sensitive information via 1 help.php and 2 other unspecified vectors involving scheduled backups...
CVE-2006-4785
SQL injection vulnerability in blog/edit.php in Moodle 1.6.1 and earlier allows remote attackers to execute arbitrary SQL commands via the format parameter as stored in the $blogEntry variable, which is not properly handled by the insertrecord function, which calls adodbcolumnsql in the adodb lay...
CVE-2006-4785
SQL injection vulnerability in blog/edit.php in Moodle 1.6.1 and earlier allows remote attackers to execute arbitrary SQL commands via the format parameter as stored in the $blogEntry variable, which is not properly handled by the insertrecord function, which calls adodbcolumnsql in the adodb lay...
CVE-2006-4786
Moodle 1.6.1 and earlier allows remote attackers to obtain sensitive information via 1 help.php and 2 other unspecified vectors involving scheduled backups...
CVE-2006-4785
SQL injection vulnerability in blog/edit.php in Moodle 1.6.1 and earlier allows remote attackers to execute arbitrary SQL commands via the format parameter as stored in the $blogEntry variable, which is not properly handled by the insertrecord function, which calls adodbcolumnsql in the adodb lay...
CVE-2006-4785
Moodle