Lucene search
K

4 matches found

CNNVD
CNNVD
added 2025/04/22 12:0 a.m.6 views

Moodle 跨站请求伪造漏洞

Moodle is a free e-learning software platform open-sourced by Moodle, also known as a course management system, learning management system, or virtual learning environment. A security vulnerability exists in Moodle that stems from a lack of cross-site request forgery protection that allows an...

3.5CVSS4.8AI score0.00153EPSS
Exploits0References2
NVD
NVD
added 2021/12/14 8:15 p.m.11 views

CVE-2021-43828

PatrOwl is a free and open-source solution for orchestrating Security Operations. In versions prior to 1.77 an improper privilege management IDOR has been found in PatrowlManager. All imports findings file is placed under /media/imports// In that, ownerid is predictable and tmpfile is in format o...

7.5CVSS0.01373EPSS
Exploits1References2
OSV
OSV
added 2021/12/14 8:15 p.m.10 views

CVE-2021-43828

PatrOwl is a free and open-source solution for orchestrating Security Operations. In versions prior to 1.77 an improper privilege management IDOR has been found in PatrowlManager. All imports findings file is placed under /media/imports// In that, ownerid is predictable and tmpfile is in format o...

7.5CVSS6.8AI score
Exploits0References2
Huntr
Huntr
added 2021/12/11 9:12 a.m.14 views

Improper Privilege Management in patrowl/patrowlmanager

Description Hi there, I would like to report an improper privilege management in PatrowlManager - it's an IDOR. All imports findings file is placed under /media/imports// In that, ownerid is predictable and tmpfile is in format of import, for example: import11639213059582.json This filename is...

0.1AI score
Exploits0
Rows per page
Query Builder