CVE-2009-4714

Cross-site scripting XSS vulnerability in the quiz module for XOOPS Celepar allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to cadastrousuario.php...

EUVD-2006-7084

Malware in sbrugna...

EUVD-2013-4362

Malware in sbrugna...

EUVD-2010-2245

Malware in sbrugna...

EUVD-2009-1937

Malware in sbrugna...

EUVD-2013-4361

Malware in sbrugna...

EUVD-2009-4678

Malware in sbrugna...

CVE-2009-1942

Cross-site scripting XSS vulnerability in the Quiz module 5.x, 6.x-2.x before 6.x-2.2, and 6.x-3.x before 6.x-3.0, a module for Drupal, allows remote authenticated users, with create quizzes or quiz questions access, to inject arbitrary web script or HTML via unspecified vectors...

Insufficient Access Control

Moodle is vulnerable to Insufficient Access Control. The vulnerability is due to improper validation in the external API for the Quiz module, allowing unauthorized users to override access controls...

SUSE CVE-2010-2231

Cross-site request forgery CSRF vulnerability in report/overview/report.php in the quiz module in Moodle before 1.8.13 and 1.9.x before 1.9.9 allows remote attackers to hijack the authentication of arbitrary users for requests that delete quiz attempts via the attemptid parameter...

Moodle allows attackers to obtain sensitive information

The identity-reporting implementations in mod/forum/renderer.php and mod/quiz/overrideform.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 do not properly restrict the display of e-mail addresses, which allows remote authenticated users to obtain...

CVE-2013-4500

The Quiz module 6.x-4.x before 6.x-4.5 for Drupal allows remote authenticated users with the "view any quiz results" or "view results for own quiz" permission to delete arbitrary results via the delete option...

CVE-2013-4501

The default views in the Quiz module 6.x-4.x before 6.x-4.5 for Drupal allows remote attackers to obtain sensitive quiz results via unspecified vectors...

Information disclosure

The Quiz module 6.x-4.x before 6.x-4.5 for Drupal allows remote authenticated users with the "view any quiz results" or "view results for own quiz" permission to delete arbitrary results via the delete option...

Design/Logic Flaw

The default views in the Quiz module 6.x-4.x before 6.x-4.5 for Drupal allows remote attackers to obtain sensitive quiz results via unspecified vectors...

CVE-2013-4500

CVE-2013-4500 concerns the Drupal Quiz module (6.x-4.x) prior to 6.x-4.5. The root cause is insufficient access control: remote authenticated users with either "view any quiz results" or "view results for own quiz" permissions can delete arbitrary results via the delete option. Impact is denial o...

CVE-2013-4501

The CVE-2013-4501 entry concerns the Drupal Quiz module (6.x-4.x) prior to 6.x-4.5. The root cause is improper access control in the quiz results views, allowing remote attackers to obtain sensitive quiz results via unspecified vectors. Affected software is the Quiz module for Drupal 6.x, version...

CVE-2013-4500

The Quiz module 6.x-4.x before 6.x-4.5 for Drupal allows remote authenticated users with the "view any quiz results" or "view results for own quiz" permission to delete arbitrary results via the delete option...

CVE-2013-4501

The default views in the Quiz module 6.x-4.x before 6.x-4.5 for Drupal allows remote attackers to obtain sensitive quiz results via unspecified vectors...

Code injection

The identity-reporting implementations in mod/forum/renderer.php and mod/quiz/overrideform.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 do not properly restrict the display of e-mail addresses, which allows remote authenticated users to obtain...