185 matches found

Veracode
added 2023/03/31 8:17 a.m. | 28 views

Sequential Quiz Bypass

moodle/moodle is vulnerable to Sequential Quiz Bypass. The vulnerability exists because some quiz services don't ensure sequential quiz questions in the API, which allows an attacker to bypass consecutive navigation during a quiz attempt...

CVSS 4.3 | AI score 5.3 | EPSS 0.00169
Exploits: 0 | References: 6 | Affected Software: 1
OpenVAS
added 2023/03/27 12:0 a.m. | 17 views

Moodle < 3.9.16, 3.11.x < 3.11.9, 4.0.x < 4.0.3 Quiz Sequential Navigation Bypass Vulnerability (MSA-22-0027)

Moodle is prone to a quiz sequential navigation bypass vulnerability...

CVSS 4.3 | AI score 4.5 | EPSS 0.00169
Exploits: 0 | References: 1
OSV
added 2023/03/24 8:15 p.m. | 12 views

CVE-2022-40208

In Moodle, insufficient limitations in some quiz web services made it possible for students to bypass sequential navigation during a quiz attempt...

CVSS 4.3 | AI score 4.9
Exploits: 0 | References: 1
NVD
added 2023/03/24 8:15 p.m. | 14 views

CVE-2022-40208

In Moodle, insufficient limitations in some quiz web services made it possible for students to bypass sequential navigation during a quiz attempt...

CVSS 4.3 | AI score 4.5 | EPSS 0.00169
Exploits: 0 | References: 1
UbuntuCve
added 2023/03/24 8:15 p.m. | 34 views

CVE-2022-40208

In Moodle, insufficient limitations in some quiz web services made it possible for students to bypass sequential navigation during a quiz attempt...

CVSS 4.3 | AI score 6 | EPSS 0.00169
Exploits: 0 | References: 2
OSV
added 2023/03/24 8:15 p.m. | 0 views

UBUNTU-CVE-2022-40208

In Moodle, insufficient limitations in some quiz web services made it possible for students to bypass sequential navigation during a quiz attempt...

CVSS 4.3 | AI score 5.9 | EPSS 0.00169
Exploits: 0 | References: 3
Cvelist
added 2023/03/24 12:0 a.m. | 22 views

CVE-2022-40208

In Moodle, insufficient limitations in some quiz web services made it possible for students to bypass sequential navigation during a quiz attempt...

AI score 4.9 | EPSS 0.00169
Exploits: 0 | References: 1
CVE
added 2023/03/24 12:0 a.m. | 101 views

CVE-2022-40208

CVE-2022-40208 (Moodle) refers to a vulnerability in Moodle where “insufficient limitations in some quiz web services” allow a student to bypass sequential navigation during a quiz attempt. The connected documents reiterate this exact issue for Moodle’s quiz web services. The available sources do...

CVSS 4.3 | AI score 4.4 | EPSS 0.00169
Exploits: 0 | References: 1 | Affected Software: 1
Code423n4
added 2023/03/19 12:0 a.m. | 15 views

NonceHolder.setValueUnderNonce does not check if the nonce has been used before

Lines of code / Vulnerability details / Impact: Already used nonces, or nonces less than the specified minimal nonce, can be used by the NonceHolder.setValueUnderNonce function. It can lead to some unique conflicts and even replay attacks on some dapps which are based on the values under nonces...

AI score 6.9
Exploits: 0
Code423n4
added 2023/03/19 12:0 a.m. | 11 views

NonceHolder.setValueUnderNonce does not increase the minNonce when using sequential account nonce ordering

Lines of code / Vulnerability details / Impact: The current available nonce can't be synchronized to the client and rpc resp in real time. As a result, the client can't use the correct nonce to sign the transaction. Proof of Concept: If the nonceOrdering type of the account is...

AI score 6.7
Exploits: 0
SUSE CVE
added 2023/02/15 6:7 a.m. | 2 views

SUSE CVE-2008-4100

GNU adns 1.4 and earlier uses a fixed source port and sequential transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447. NOTE: the vendor reports that this is intended behavior and is compatible with the...

CVSS 6.4 | AI score 7.5 | EPSS 0.0061
Exploits: 20 | References: 3
NVD
added 2023/02/09 8:15 p.m. | 14 views

CVE-2022-44566

A denial of service vulnerability present in ActiveRecord's PostgreSQL adapter 7.0.4.1 and 6.1.7.1. When a value outside the range for a 64bit signed integer is provided to the PostgreSQL connection adapter, it will treat the target column type as numeric. Comparing integer values against numeric...

CVSS 7.5 | AI score 7.8 | EPSS 0.01543
Exploits: 1 | References: 2
Debian CVE
added 2023/02/09 12:0 a.m. | 36 views

CVE-2022-44566

A denial of service vulnerability present in ActiveRecord's PostgreSQL adapter 7.0.4.1 and 6.1.7.1. When a value outside the range for a 64bit signed integer is provided to the PostgreSQL connection adapter, it will treat the target column type as numeric. Comparing integer values against numeric...

CVSS 7.5 | AI score 6 | EPSS 0.01543
Exploits: 1
Cvelist
added 2023/02/09 12:0 a.m. | 25 views

CVE-2022-44566

A denial of service vulnerability present in ActiveRecord's PostgreSQL adapter 7.0.4.1 and 6.1.7.1. When a value outside the range for a 64bit signed integer is provided to the PostgreSQL connection adapter, it will treat the target column type as numeric. Comparing integer values against numeric...

AI score 7.6 | EPSS 0.01543
Exploits: 1 | References: 2
Jake Archibald's Blog
added 2023/01/11 1:0 a.m. | 8 views

The gotcha of unhandled promise rejections

Let's say you wanted to display a bunch of chapters on the page, and for whatever reason, the API only gives you a chapter at a time. You could do this: `async function showChapters(chapterURLs) { for (const url of chapterURLs) { const response = await fetch(url); const chapterData = await response.json();`...

AI score 7
Exploits: 0
Jake Archibald's Blog
added 2023/01/11 1:0 a.m. | 15 views

The gotcha of unhandled promise rejections

Let's say you wanted to display a bunch of chapters on the page, and for whatever reason, the API only gives you a chapter at a time. You could do this: `async function showChapters(chapterURLs) { for (const url of chapterURLs) { const response = await fetch(url); const chapterData = await response.json();`...

AI score 7.1
Exploits: 0
Huntr
added 2022/09/17 1:20 p.m. | 8 views

User can read any series without permission

Description: A normal user can access any series without permission if they have access to at least one library. Version: Tested on latest release 0.5.6.0 and on docker image 'kizaing/kavita:latest', with image pulled on September 17, 12:30 UTC. Digest:...

Exploits: 0
Hacker One
added 2022/09/08 4:11 p.m. | 19 views

Automattic: IDOR in API applications (able to see any API token, leads to account takeover)

Summary: Hi, @ehtis, thank you for the test account. Here is a critical report. : On Pressable, we can create API applications at https://my.pressable.com/api/applications, and we can access many things using the API token via following the API docs I created an API application and tried to updat...

AI score 0.7
Exploits: 0
NVD
added 2022/08/22 7:15 p.m. | 11 views

CVE-2022-32769

Multiple authentication bypass vulnerabilities exist in the objects id handling functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request by an authenticated user can lead to unauthorized access and takeover of resources. An attacker can send an HTTP reque...

CVSS 5 | EPSS 0.00169
Exploits: 0 | References: 2
Prion
added 2022/08/22 7:15 p.m. | 7 views

Authentication flaw

Multiple authentication bypass vulnerabilities exist in the objects id handling functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request by an authenticated user can lead to unauthorized access and takeover of resources. An attacker can send an HTTP reque...

CVSS 3.6 | AI score 4.9 | EPSS 0.00178
Exploits: 0 | References: 2 | Affected Software: 1