613 matches found
Design/Logic Flaw
A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7, 3.1.13. When a quiz question bank is imported, it was possible for the question preview that is displayed to execute JavaScript that is written into the question bank...
CVE-2018-10891
A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7, 3.1.13. When a quiz question bank is imported, it was possible for the question preview that is displayed to execute JavaScript that is written into the question bank...
Code Injection in Moodle
Moodle is a widely-used open-source e-Learning software with more than 127 million users allowing teachers and students to digitally manage course activities and exchange learning material, often deployed by large universities. In this post we will examine the technical intrinsics of a critical...
UBUNTU-CVE-2018-1133
An issue was discovered in Moodle 3.x. A Teacher creating a Calculated question can intentionally cause remote code execution on the server, aka eval injection...
CVE-2018-1133
An issue was discovered in Moodle 3.x. A Teacher creating a Calculated question can intentionally cause remote code execution on the server, aka eval injection...
CVE-2018-1133
An issue was discovered in Moodle 3.x. A Teacher creating a Calculated question can intentionally cause remote code execution on the server, aka eval injection...
Design/Logic Flaw
An issue was discovered in Moodle 3.x. A Teacher creating a Calculated question can intentionally cause remote code execution on the server, aka eval injection...
CVE-2018-1133
An issue was discovered in Moodle 3.x. A Teacher creating a Calculated question can intentionally cause remote code execution on the server, aka eval injection...
CVE-2018-1133
An issue was discovered in Moodle 3.x. A Teacher creating a Calculated question can intentionally cause remote code execution on the server, aka eval injection...
SQL injection vulnerability in ask2 Q&A attach.php file
ASK2 Q&A system belongs to the Beijing Zhengying Network Technology Co., Ltd. products , is a set of open source php Q&A system , integration of paid Q&A system , paid voice Q&A system . ask2 Q&A system attach.php file SQL injection vulnerability , attackers can use the vulnerability to obtain...
CVE-2017-17871
The "JEXTN Question And Answer" extension 3.1.0 for Joomla! has SQL Injection via the an parameter in a view=tags action, or the ques-srch parameter...
Sql injection
The "JEXTN Question And Answer" extension 3.1.0 for Joomla! has SQL Injection via the an parameter in a view=tags action, or the ques-srch parameter...
CVE-2017-17871
The "JEXTN Question And Answer" extension 3.1.0 for Joomla! has SQL Injection via the an parameter in a view=tags action, or the ques-srch parameter...
JEXTN Question And Answer extension SQL Injection Vulnerability
Joomla! is the U.S. Open Source Matters team developed a set of open source content management system CMS, the system provides RSS feeds, site search and other functions.JEXTN Question And Answer extension is used in one of the online question and answer plug-ins. A SQL injection vulnerability...
JEXTN Question And Answer ,3.1.0,SQL Injection
JEXTN Question And Answer ,3.1.0,SQL Injection...
Joomla JEXTN Question And Answer 3.1.0 Component - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component JEXTN Question And Answer 3.1.0 - SQL Injection Dork: N/A Date: 13.12.2017 Vendor Homepage: http://jextn.com/ Software Link:...
CVE-2017-17590
FS Stackoverflow Clone 1.0 has SQL Injection via the /question keywords parameter...
Sql injection
FS Stackoverflow Clone 1.0 has SQL Injection via the /question keywords parameter...
CVE-2017-17590
FS Stackoverflow Clone 1.0 has SQL Injection via the /question keywords parameter...
PT-2017-14885 · Fs · Fs Stackoverflow Clone
Name of the Vulnerable Software and Affected Versions: FS Stackoverflow Clone version 1.0 Description: The issue is related to SQL Injection, which can be exploited via the "/question" API endpoint, specifically through the keywords parameter. This allows for potential unauthorized access to...