32 matches found
EUVD-2012-4423
Malware in sbrugna...
EUVD-2009-4493
Malware in sbrugna...
EUVD-2015-3420
Malware in sbrugna...
EUVD-2022-6748
Malicious code in bioql PyPI...
EUVD-2022-2005
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-20187
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that it was possible for site administrators to execute arbitrary PHP scripts via a PHP...
CVE-2021-36394
In Moodle, a remote code execution risk was identified in the Shibboleth authentication plugin...
CVE-2021-20187
It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that it was possible for site administrators to execute arbitrary PHP scripts via a PHP include used during Shibboleth authentication...
GHSA-2563-FP9C-MGM8 Moodle Session Fixation vulnerability
In Moodle, a remote code execution risk was identified in the Shibboleth authentication plugin...
CVE-2021-36394
In Moodle, a remote code execution risk was identified in the Shibboleth authentication plugin...
CVE-2021-36394
In Moodle, a remote code execution risk was identified in the Shibboleth authentication plugin...
CVE-2021-36394
CVE-2021-36394 is described as a remote code execution issue in Moodle’s Shibboleth authentication plugin. The OpenVAS entry lists concrete vulnerable versions of Moodle at risk: < 3.9.8, 3.10.x < 3.10.5, and 3.11.x
Improper Authentication
moodle is using Improper Authentication. The vulnerability exists in logoutdbsession function in helper.php where a session hijack risk was identified in the shibboleth authentication plugin, in which the sessions weren't killed after the user logging out...
CVE-2021-40691
A session hijack risk was identified in the Shibboleth authentication plugin...
CVE-2021-40691
A session hijack risk was identified in the Shibboleth authentication plugin...
Session fixation
A session hijack risk was identified in the Shibboleth authentication plugin...
Exploit for Code Injection in Moodle
CVE-2021-36394-Pre-Auth-RCE-in-Moodle Vulnerability Introd...
PT-2022-11300 · Shibboleth +1 · Shibboleth Authentication Plugin +1
Name of the Vulnerable Software and Affected Versions: Shibboleth authentication plugin affected versions not specified Description: A session hijack risk was identified in the Shibboleth authentication plugin. Recommendations: At the moment, there is no information about a newer version that...
Moodle code injection vulnerability (CNVD-2021-07533)
Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A code injection vulnerability exists in Moodle versions 3.10.1, 3.9.4, 3.8.7 and 3.5.16, which originates from an arbitrary execution ...
Remote Code Execution (RCE)
moodle/moodle is vulnerable to remote code execution. The vulnerability exists because a malicious admin user can inject and execute a malicious script via a PHP include used during Shibboleth authentication...