Lucene search
+L

15 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2011-4508

Malware in sbrugna...

6.5CVSS6.1AI score0.01272EPSS
Exploits0References4
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2012-4341

Malware in sbrugna...

4.9CVSS6.1AI score0.00983EPSS
Exploits0References4
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-2024

Malicious code in bioql PyPI...

7.3CVSS7.3AI score0.00908EPSS
Exploits0References4
nessus
nessus
added 2025/09/10 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2016-7038

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Moodle 2.x and 3.x, web service tokens are not invalidated when the user password is changed or forced to be changed. CVE-2016-7038 Note that Nessus relies o...

7.3CVSS7AI score0.00908EPSS
Exploits0References2
osv
osv
added 2023/03/07 12:30 a.m.23 views

GHSA-786G-XV8V-9H93 Moodle Cross-site Scripting vulnerability

In Moodle, ID numbers displayed in the web service token list required additional sanitizing to prevent a stored XSS risk...

5.4CVSS5.3AI score0.00516EPSS
Exploits0References3
osv
osv
added 2022/05/13 1:12 a.m.16 views

GHSA-2PHX-W35G-X9VM Moodle Weak Password Recovery Mechanism for Forgotten Password

In Moodle 2.x and 3.x, web service tokens are not invalidated when the user password is changed or forced to be changed...

7.3CVSS7.1AI score0.00908EPSS
Exploits0References4
github
github
added 2022/05/13 1:12 a.m.19 views

Moodle Weak Password Recovery Mechanism for Forgotten Password

In Moodle 2.x and 3.x, web service tokens are not invalidated when the user password is changed or forced to be changed...

7.3CVSS6.9AI score0.00908EPSS
Exploits0References4Affected Software1
veracode
veracode
added 2017/07/27 1:41 a.m.21 views

Force-Password-Change Bypass

Moodle is vulnerable to the bypass of the force-password-change requirement. Even when a password is forced to be changed on login, its possible for the temporary password to be used to create web service tokens, thus extending the life of the temporary password...

4CVSS6.3AI score0.01712EPSS
Exploits0References4Affected Software1
prion
prion
added 2017/01/20 8:59 a.m.12 views

Default credentials

In Moodle 2.x and 3.x, web service tokens are not invalidated when the user password is changed or forced to be changed...

5CVSS7.2AI score0.00908EPSS
Exploits0References2Affected Software1
osv
osv
added 2017/01/20 8:59 a.m.2 views

UBUNTU-CVE-2016-7038

In Moodle 2.x and 3.x, web service tokens are not invalidated when the user password is changed or forced to be changed...

7.3CVSS7.1AI score0.00908EPSS
Exploits0References3
osv
osv
added 2014/05/19 6:46 p.m.6 views

MGASA-2014-0230 Updated moodle packages fix multiple vulnerabilities

Updated moodle package fixes security vulnerabilities: In Moodle before 2.6.3, Session checking was not being performed correctly in Assignment's quick-grading, allowing forged requests to be made unknowingly by authenticated users CVE-2014-0213. In Moodle before 2.6.3, MoodleMobile web service...

6.8CVSS6.2AI score0.02992EPSS
Exploits0References9
ubuntucve
ubuntucve
added 2012/09/19 10:57 a.m.16 views

CVE-2012-4402

webservice/lib.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and 2.3.x before 2.3.2 does not properly restrict the use of web-service tokens, which allows remote authenticated users to run arbitrary external-service functions via a token intended for only one service...

4.9CVSS5.9AI score0.00983EPSS
Exploits0References4
nvd
nvd
added 2012/07/20 10:40 a.m.16 views

CVE-2011-4583

Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 displays web service tokens associated with 1 disabled services and 2 users who no longer have authorization, which allows remote authenticated users to have an unspecified impact by reading these tokens...

6.5CVSS6.2AI score0.01272EPSS
Exploits0References3
prion
prion
added 2012/07/20 10:40 a.m.15 views

Authorization

Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 displays web service tokens associated with 1 disabled services and 2 users who no longer have authorization, which allows remote authenticated users to have an unspecified impact by reading these tokens...

6.5CVSS6.8AI score0.01272EPSS
Exploits0References3Affected Software1
ubuntucve
ubuntucve
added 2012/07/20 10:40 a.m.24 views

CVE-2011-4583

Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 displays web service tokens associated with 1 disabled services and 2 users who no longer have authorization, which allows remote authenticated users to have an unspecified impact by reading these tokens...

6.5CVSS6AI score0.01272EPSS
Exploits0References1
Rows per page
Query Builder