33 matches found
EUVD-2009-4493
Malware in sbrugna...
EUVD-2012-4423
Malware in sbrugna...
EUVD-2015-3420
Malware in sbrugna...
EUVD-2022-6748
Malicious code in bioql PyPI...
EUVD-2022-2005
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-20187
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that it was possible for site administrators to execute arbitrary PHP scripts via a PHP...
CVE-2021-36394
In Moodle, a remote code execution risk was identified in the Shibboleth authentication plugin...
CVE-2021-20187
It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that it was possible for site administrators to execute arbitrary PHP scripts via a PHP include used during Shibboleth authentication...
GHSA-2563-FP9C-MGM8 Moodle Session Fixation vulnerability
In Moodle, a remote code execution risk was identified in the Shibboleth authentication plugin...
CVE-2021-36394
In Moodle, a remote code execution risk was identified in the Shibboleth authentication plugin...
CVE-2021-36394
In Moodle, a remote code execution risk was identified in the Shibboleth authentication plugin...
CVE-2021-36394
CVE-2021-36394 is described as a remote code execution issue in Moodle’s Shibboleth authentication plugin. The OpenVAS entry lists concrete vulnerable versions of Moodle at risk: < 3.9.8, 3.10.x < 3.10.5, and 3.11.x
Improper Authentication
moodle is using Improper Authentication. The vulnerability exists in logoutdbsession function in helper.php where a session hijack risk was identified in the shibboleth authentication plugin, in which the sessions weren't killed after the user logging out...
CVE-2021-40691
A session hijack risk was identified in the Shibboleth authentication plugin...
Session fixation
A session hijack risk was identified in the Shibboleth authentication plugin...
CVE-2021-40691
A session hijack risk was identified in the Shibboleth authentication plugin...
Exploit for Code Injection in Moodle
CVE-2021-36394-Pre-Auth-RCE-in-Moodle Vulnerability Introd...
PT-2022-11300 · Shibboleth +1 · Shibboleth Authentication Plugin +1
Name of the Vulnerable Software and Affected Versions: Shibboleth authentication plugin affected versions not specified Description: A session hijack risk was identified in the Shibboleth authentication plugin. Recommendations: At the moment, there is no information about a newer version that...
The vulnerability of the Shibboleth authentication technology lies in the false representation of critical information to the user interface, allowing attackers to gain unauthorized access to protected information.
The vulnerability of the Shibboleth authentication technology is related to the false representation of critical information to the user interface. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...
Moodle code injection vulnerability (CNVD-2021-07533)
Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A code injection vulnerability exists in Moodle versions 3.10.1, 3.9.4, 3.8.7 and 3.5.16, which originates from an arbitrary execution ...