Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2016/12/16 12:0 a.m.24 views

Moodle 2.9.x < 2.9.8 Authentication Bypass

Binary data 9833.prm...

7.3CVSS7.3AI score0.00972EPSS
Exploits0References2
NVD
NVD
added 2016/02/22 5:59 a.m.19 views

CVE-2015-5331

Moodle 2.9.x before 2.9.3 does not properly check the contact list before authorizing message transmission, which allows remote authenticated users to bypass intended access restrictions and conduct spam attacks via the messaging API...

4.3CVSS5.4AI score0.01278EPSS
Exploits0References2
NVD
NVD
added 2016/02/22 5:59 a.m.13 views

CVE-2015-3273

mod/forum/post.php in Moodle 2.9.x before 2.9.1 does not consider the mod/forum:canposttomygroups capability before authorizing "Post a copy to all groups" actions, which allows remote authenticated users to bypass intended access restrictions by leveraging per-group authorization...

4.3CVSS5.4AI score0.015EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2016/02/22 5:59 a.m.18 views

CVE-2015-5331

Moodle 2.9.x before 2.9.3 does not properly check the contact list before authorizing message transmission, which allows remote authenticated users to bypass intended access restrictions and conduct spam attacks via the messaging API...

4.3CVSS6.3AI score0.01278EPSS
Exploits0References2
Prion
Prion
added 2016/02/22 5:59 a.m.11 views

Design/Logic Flaw

Moodle 2.9.x before 2.9.3 does not properly check the contact list before authorizing message transmission, which allows remote authenticated users to bypass intended access restrictions and conduct spam attacks via the messaging API...

4CVSS6.6AI score0.01278EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2016/02/22 5:59 a.m.22 views

Authorization

mod/forum/post.php in Moodle 2.9.x before 2.9.1 does not consider the mod/forum:canposttomygroups capability before authorizing "Post a copy to all groups" actions, which allows remote authenticated users to bypass intended access restrictions by leveraging per-group authorization...

4CVSS6.6AI score0.015EPSS
Exploits0References4Affected Software1
UbuntuCve
UbuntuCve
added 2016/02/22 5:59 a.m.21 views

CVE-2015-5332

Atto in Moodle 2.8.x before 2.8.9 and 2.9.x before 2.9.3 allows remote attackers to cause a denial of service disk consumption by leveraging the guest role and entering drafts with the editor-autosave feature...

7.1CVSS6.9AI score0.01684EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2016/02/22 5:59 a.m.17 views

CVE-2015-3273

mod/forum/post.php in Moodle 2.9.x before 2.9.1 does not consider the mod/forum:canposttomygroups capability before authorizing "Post a copy to all groups" actions, which allows remote authenticated users to bypass intended access restrictions by leveraging per-group authorization...

4.3CVSS6.8AI score0.015EPSS
Exploits0References3
Cvelist
Cvelist
added 2016/02/22 2:0 a.m.21 views

CVE-2015-3273

mod/forum/post.php in Moodle 2.9.x before 2.9.1 does not consider the mod/forum:canposttomygroups capability before authorizing "Post a copy to all groups" actions, which allows remote authenticated users to bypass intended access restrictions by leveraging per-group authorization...

5.3AI score0.015EPSS
Exploits0References4
Cvelist
Cvelist
added 2016/02/22 2:0 a.m.22 views

CVE-2015-5332

Atto in Moodle 2.8.x before 2.8.9 and 2.9.x before 2.9.3 allows remote attackers to cause a denial of service disk consumption by leveraging the guest role and entering drafts with the editor-autosave feature...

7.3AI score0.01684EPSS
Exploits0References2
Rows per page
Query Builder