Lucene search
K

106 matches found

CVE
CVE
added 2021/06/23 9:25 p.m.182 views

CVE-2021-21809

CVE-2021-21809 affects Moodle 3.10’s default legacy spellchecker plugin. A specially crafted sequence of HTTP requests can cause remote command execution, with exploitation requiring administrator privileges. Multiple feeds (NVD/NIST, CIRCL, and Nessus plugins) corroborate a command-injection/rem...

9.1CVSS9.1AI score0.24173EPSS
Exploits7References2Affected Software1
Talos
Talos
added 2021/06/22 12:0 a.m.146 views

Moodle spellchecker plugin command execution vulnerability

Summary A command execution vulnerability exists in the default legacy spellchecker plugin in Moodle 3.10. A specially crafted series of HTTP requests can lead to command execution. An attacker must have administrator privileges to exploit this vulnerabilities. Tested Versions Moodle 3.10 Product...

9.1CVSS9.7AI score0.24173EPSS
Exploits7
Positive Technologies
Positive Technologies
added 2021/01/17 12:0 a.m.6 views

PT-2021-14791 · Moodle +1 · Moodle +1

Name of the Vulnerable Software and Affected Versions: Moodle version 3.10 Description: A command execution vulnerability exists in the default legacy spellchecker plugin. This issue can be exploited through a specially crafted series of HTTP requests, leading to command execution. An attacker mu...

9.1CVSS6.4AI score0.24173EPSS
Exploits7References28
VulnCheck KEV
VulnCheck KEV
added 2020/12/14 12:0 a.m.4 views

VulnCheck KEV: CVE-2010-3313

phpgwapi/js/fckeditor/editor/dialog/fckspellerpages/spellerpages/serverscripts/spellchecker.php in EGroupware 1.4.001+.002; 1.6.001+.002 and possibly other versions before 1.6.003; and EPL 9.1 before 9.1.20100309 and 9.2 before 9.2.20100309; allows remote attackers to execute arbitrary...

7.5CVSS5.9AI score0.08663EPSS
Exploits0References1
CNVD
CNVD
added 2020/07/30 12:0 a.m.3 views

eGroupWare 'spellchecker.php' Remote Code Execution Vulnerability

eGroupWare is a multi-user, WEB-based workware suite developed on the basis of customization sets on a PHP-based API. A remote code execution vulnerability exists in eGroupWare 'spellchecker.php' that stems from the program failing to properly validate user-submitted data. A remote attacker could...

8.6AI score
Exploits0References1
OSV
OSV
added 2018/09/17 10:20 a.m.3 views

USN-3761-3 firefox regressions

USN-3761-1 fixed vulnerabilities in Firefox. The update caused several regressions affecting spellchecker dictionaries and search engines, which were partially fixed by USN-3761-2. This update contains the remaining fix. We apologize for the inconvenience. Original advisory details: Multiple...

5.9AI score
Exploits0References2
OSV
OSV
added 2018/09/13 2:9 p.m.5 views

USN-3761-2 firefox regressions

USN-3761-1 fixed vulnerabilities in Firefox. The update caused several regressions affecting spellchecker dictionaries and search engines. This update fixes the problems. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user...

5.9AI score
Exploits0References2
Ubuntu
Ubuntu
added 2018/09/13 2:9 p.m.74 views

USN-3761-2: Firefox regressions

USN-3761-1 fixed vulnerabilities in Firefox. The update caused several regressions affecting spellchecker dictionaries and search engines. This update fixes the problems. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user...

7.7AI score
Exploits0References1
NVD
NVD
added 2013/11/05 6:55 p.m.31 views

CVE-2011-5267

Multiple cross-site scripting XSS vulnerabilities in spell-check-savedicts.php in the SpellChecker module in Xinha, as used in WikiWig 5.01 and possibly other products, allow remote attackers to inject arbitrary web script or HTML via the 1 topdict or 2 torlist parameter. NOTE: this issue might b...

4.3CVSS5.8AI score0.01817EPSS
Exploits1References5
Prion
Prion
added 2013/11/05 6:55 p.m.19 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in spell-check-savedicts.php in the SpellChecker module in Xinha, as used in WikiWig 5.01 and possibly other products, allow remote attackers to inject arbitrary web script or HTML via the 1 topdict or 2 torlist parameter. NOTE: this issue might b...

4.3CVSS6.2AI score0.01817EPSS
Exploits1References5Affected Software1
UbuntuCve
UbuntuCve
added 2013/11/05 6:55 p.m.43 views

CVE-2013-5670

Cross-site scripting XSS vulnerability in spell-check-savedicts.php in the htmlarea SpellChecker module, as used in Serendipity before 1.7.3 and possibly other products, allows remote attackers to inject arbitrary web script or HTML via the torlist parameter...

4.3CVSS6AI score0.0118EPSS
Exploits0References1
Prion
Prion
added 2013/11/05 6:55 p.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in spell-check-savedicts.php in the htmlarea SpellChecker module, as used in Serendipity before 1.7.3 and possibly other products, allows remote attackers to inject arbitrary web script or HTML via the torlist parameter...

4.3CVSS6.1AI score0.0118EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2013/11/05 6:0 p.m.32 views

CVE-2011-5267

Multiple cross-site scripting XSS vulnerabilities in spell-check-savedicts.php in the SpellChecker module in Xinha, as used in WikiWig 5.01 and possibly other products, allow remote attackers to inject arbitrary web script or HTML via the 1 topdict or 2 torlist parameter. NOTE: this issue might b...

5.8AI score0.01817EPSS
Exploits1References5
Cvelist
Cvelist
added 2013/11/05 6:0 p.m.29 views

CVE-2013-5670

Cross-site scripting XSS vulnerability in spell-check-savedicts.php in the htmlarea SpellChecker module, as used in Serendipity before 1.7.3 and possibly other products, allows remote attackers to inject arbitrary web script or HTML via the torlist parameter...

5.7AI score0.0118EPSS
Exploits0References5
CVE
CVE
added 2013/11/05 6:0 p.m.46 views

CVE-2011-5267

CVE-2011-5267: Multiple XSS vulnerabilities in the SpellChecker module (spell-check-savedicts.php) of Xinha, used in WikiWig 5.01 and possibly other products. Attacks could inject script/HTML via (1) to_p_dict or (2) to_r_list parameters. The issue may be related to the htmlarea plugin and is lin...

4.3CVSS5.9AI score0.01817EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2013/11/05 6:0 p.m.64 views

CVE-2013-5670

CVE-2013-5670 is a cross-site scripting (XSS) vulnerability in the htmlarea SpellChecker module’s spell-check-savedicts.php, affecting Serendipity prior to 1.7.3. The issue allows remote attackers to inject arbitrary web script or HTML via the to_r_list parameter. The vulnerability is due to impr...

4.3CVSS5.9AI score0.0118EPSS
Exploits0References5Affected Software1
OpenVAS
OpenVAS
added 2013/02/04 12:0 a.m.19 views

Fedora Update for tinymce-spellchecker FEDORA-2013-1371

Check for the Version of tinymce-spellchecker OpenVAS Vulnerability Test Fedora Update for tinymce-spellchecker FEDORA-2013-1371 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

5CVSS6.5AI score0.02288EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/02/04 12:0 a.m.28 views

Fedora Update for tinymce-spellchecker FEDORA-2013-1341

Check for the Version of tinymce-spellchecker OpenVAS Vulnerability Test Fedora Update for tinymce-spellchecker FEDORA-2013-1341 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

5CVSS6.5AI score0.02288EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/02/04 12:0 a.m.30 views

Fedora Update for tinymce-spellchecker FEDORA-2013-1371

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

5CVSS6.5AI score0.02288EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/02/04 12:0 a.m.20 views

Fedora Update for tinymce-spellchecker FEDORA-2013-1341

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

5CVSS6.5AI score0.02288EPSS
Exploits0References2
Rows per page
Query Builder