10 matches found
EUVD-2019-6683
Malware in sbrugna...
EUVD-2022-5416
Malicious code in bioql PyPI...
BIT-MOODLE-2020-10738
A flaw was found in Moodle versions 3.8 before 3.8.3, 3.7 before 3.7.6, 3.6 before 3.6.10, 3.5 before 3.5.12 and earlier unsupported versions. It was possible to create a SCORM package in such a way that when added to a course, it could be interacted with via web services in order to achieve remo...
U.S. Dept Of Defense: [hta3] Remote Code Execution on https://███ via improper access control to SCORM Zip upload/import
Summary: There is a Remote Code Execution vulnerability at https://█████████/Kview/CustomCodeBehind/base/courseware/scorm/management/scorm2004uploadcourse.aspx which allows any user to upload a SCORM course package. Furthermore, an attacker can add an ASPX shell to the SCORM package which will th...
Moodle < 3.5.12, 3.6.x < 3.6.10, 3.7.x < 3.7.6, 3.8.x < 3.8.3 RCE Vulnerability
Moodle is prone to a remote code execution RCE vulnerability. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...
CVE-2020-10738
A flaw was found in Moodle versions 3.8 before 3.8.3, 3.7 before 3.7.6, 3.6 before 3.6.10, 3.5 before 3.5.12 and earlier unsupported versions. It was possible to create a SCORM package in such a way that when added to a course, it could be interacted with via web services in order to achieve remo...
Remote code execution
A flaw was found in Moodle versions 3.8 before 3.8.3, 3.7 before 3.7.6, 3.6 before 3.6.10, 3.5 before 3.5.12 and earlier unsupported versions. It was possible to create a SCORM package in such a way that when added to a course, it could be interacted with via web services in order to achieve remo...
PT-2020-12303 · Moodle +1 · Moodle +1
Name of the Vulnerable Software and Affected Versions: Moodle versions 3.8 before 3.8.3 Moodle versions 3.7 before 3.7.6 Moodle versions 3.6 before 3.6.10 Moodle versions 3.5 before 3.5.12 Moodle earlier unsupported versions Description: A flaw was found in Moodle that allows creating a SCORM...
CVE-2019-15748
SITOS six Build v6.2.1 permits unauthorised users to upload and import a SCORM 2004 package by browsing directly to affected pages. An unauthenticated attacker could use the upload and import functionality to import a malicious SCORM package that includes a PHP file, which could execute arbitrary...
CVE-2019-15748
SITOS six Build v6.2.1 permits unauthorised users to upload and import a SCORM 2004 package by browsing directly to affected pages. An unauthenticated attacker could use the upload and import functionality to import a malicious SCORM package that includes a PHP file, which could execute arbitrary...