Lucene search
K

11 matches found

UbuntuCve
UbuntuCve
added 2017/04/20 9:59 p.m.19 views

CVE-2016-3734

Cross-site request forgery CSRF vulnerability in markposts.php in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13 and earlier allows remote attackers to hijack the authentication of users for requests that marks forum posts as read...

8.8CVSS7.2AI score0.01129EPSS
Exploits0References1
NVD
NVD
added 2017/04/20 9:59 p.m.18 views

CVE-2016-3734

Cross-site request forgery CSRF vulnerability in markposts.php in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13 and earlier allows remote attackers to hijack the authentication of users for requests that marks forum posts as read...

8.8CVSS8.9AI score0.01129EPSS
Exploits0References5
NVD
NVD
added 2017/04/20 9:59 p.m.18 views

CVE-2016-3732

The capability check to access other badges in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to read the badges of other users...

4.3CVSS5.2AI score0.01373EPSS
Exploits0References3
Prion
Prion
added 2017/04/20 9:59 p.m.23 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in markposts.php in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13 and earlier allows remote attackers to hijack the authentication of users for requests that marks forum posts as read...

6.8CVSS7.5AI score0.01129EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2017/04/20 9:59 p.m.12 views

CVE-2016-3729

The user editing form in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to edit profile fields locked by the administrator...

6.5CVSS6.4AI score0.01282EPSS
Exploits0References3
CVE
CVE
added 2017/04/20 9:0 p.m.59 views

CVE-2016-3734

The CVE-2016-3734 entry concerns a Cross-site Request Forgery in Moodle’s markposts.php. Affected versions include Moodle 3.0.x up to 3.0.3, 2.9.x up to 2.9.5, 2.8.x up to 2.8.11, and 2.7.x up to 2.7.13 and earlier. Under CSRF, remote attackers can hijack a logged-in user’s session to perform act...

8.8CVSS8.7AI score0.01129EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/03/20 12:0 a.m.48 views

Moodle 3.0.x < 3.0.9 RCE

Binary data 700009.prm...

9.8CVSS7.3AI score0.1453EPSS
Exploits4References3
Tenable Nessus
Tenable Nessus
added 2017/01/27 12:0 a.m.16 views

Moodle 3.0.x < 3.0.8 Multiple Vulnerabilities

Binary data 9922.prm...

6.1CVSS7.3AI score0.01015EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/12/16 12:0 a.m.17 views

Moodle 3.0.x < 3.0.7 Multiple Vulnerabilities

Binary data 9836.prm...

5.3CVSS7.3AI score0.01196EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2016/12/16 12:0 a.m.11 views

Moodle 3.0.x < 3.0.6 Authentication Bypass

Binary data 9835.prm...

7.3CVSS7.3AI score0.00972EPSS
Exploits0References2
Cvelist
Cvelist
added 2016/05/22 8:0 p.m.21 views

CVE-2016-2157

Cross-site request forgery CSRF vulnerability in mod/assign/adminmanageplugins.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 allows remote attackers to hijack the authentication of administrators for requests that manage...

8.9AI score0.00975EPSS
Exploits0References4
Rows per page
Query Builder