Lucene search
K

50 matches found

Github Security Blog
Github Security Blog
added 2022/05/13 1:12 a.m.28 views

Moodle Incorrect sanitation of attributes in forums

In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums...

5.3CVSS6.7AI score0.01015EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2017/05/15 2:29 p.m.21 views

CVE-2017-7490

In Moodle 2.x and 3.x, searching of arbitrary blogs is possible because a capability check is missing...

5.3CVSS5.3AI score0.01046EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2017/05/15 2:29 p.m.23 views

CVE-2017-7490

In Moodle 2.x and 3.x, searching of arbitrary blogs is possible because a capability check is missing...

5.3CVSS6.3AI score0.01046EPSS
Exploits0References2
NVD
NVD
added 2017/05/15 2:29 p.m.24 views

CVE-2017-7491

In Moodle 2.x and 3.x, a CSRF attack is possible that allows attackers to change the "number of courses displayed in the course overview block" configuration setting...

4.3CVSS4.5AI score0.00518EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/05/15 2:0 p.m.35 views

CVE-2017-7490

In Moodle 2.x and 3.x, searching of arbitrary blogs is possible because a capability check is missing...

5.8AI score0.01046EPSS
Exploits0References1
NVD
NVD
added 2017/03/26 6:59 p.m.17 views

CVE-2017-2641

In Moodle 2.x and 3.x, SQL injection can occur via user preferences...

9.8CVSS9.9AI score0.1453EPSS
Exploits4References4
Prion
Prion
added 2017/01/20 8:59 a.m.11 views

Default credentials

In Moodle 2.x and 3.x, web service tokens are not invalidated when the user password is changed or forced to be changed...

5CVSS7.2AI score0.00972EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2017/01/20 8:59 a.m.22 views

Code injection

In Moodle 2.x and 3.x, the capability to view course notes is checked in the wrong context...

5CVSS6.8AI score0.01176EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2017/01/20 8:59 a.m.23 views

CVE-2017-2576

In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums...

5.3CVSS6.7AI score
Exploits0References2
NVD
NVD
added 2017/01/20 8:59 a.m.19 views

CVE-2017-2576

In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums...

5.3CVSS5.2AI score0.01015EPSS
Exploits0References2
Prion
Prion
added 2017/01/20 8:59 a.m.21 views

Code injection

In Moodle 2.x and 3.x, the question engine allows access to files that should not be available...

5CVSS6.8AI score0.01196EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2017/01/20 8:59 a.m.28 views

CVE-2017-2576

In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums...

5.3CVSS6.1AI score0.01015EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2017/01/20 8:59 a.m.19 views

CVE-2016-5013

In Moodle 2.x and 3.x, text injection can occur in email headers, potentially leading to outbound spam...

5.8CVSS6.1AI score0.00861EPSS
Exploits0References2
NVD
NVD
added 2017/01/20 8:59 a.m.16 views

CVE-2016-5013

In Moodle 2.x and 3.x, text injection can occur in email headers, potentially leading to outbound spam...

5.8CVSS5.5AI score0.00861EPSS
Exploits0References2
Prion
Prion
added 2017/01/20 8:59 a.m.16 views

Design/Logic Flaw

In Moodle 2.x and 3.x, text injection can occur in email headers, potentially leading to outbound spam...

5.8CVSS7.2AI score0.00861EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2017/01/20 8:59 a.m.20 views

CVE-2016-5013

In Moodle 2.x and 3.x, text injection can occur in email headers, potentially leading to outbound spam...

5.4CVSS6.9AI score
Exploits0References2
UbuntuCve
UbuntuCve
added 2016/02/22 5:59 a.m.18 views

CVE-2015-3272

Open redirect vulnerability in the cleanparam function in lib/moodlelib.php in Moodle through 2.6.11, 2.7.x before 2.7.9, 2.8.x before 2.8.7, and 2.9.x before 2.9.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving an HTTP Referer...

7.4CVSS7.2AI score0.01849EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/04/10 12:0 a.m.11 views

Moodle 2.x Version Detection

Binary data 8690.prm...

7.3AI score
Exploits0References1
Prion
Prion
added 2014/07/29 11:10 a.m.22 views

Design/Logic Flaw

Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 does not enforce certain capability requirements in 1 notes/index.php and 2 user/edit.php, which allows remote attackers to obtain potentially sensitive username and course information via a...

5CVSS6.5AI score0.014EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2013/03/25 9:55 p.m.18 views

CVE-2013-1836

Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 does not properly manage privileges for WebDAV repositories, which allows remote authenticated users to read, modify, or delete arbitrary site-wide repositories by leveraging certain read access...

6.5CVSS8.9AI score0.01961EPSS
Exploits0References5
Rows per page
Query Builder