Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
GeoffrowlandJmol

2 matches found

CVE
CVEadded 2025/06/24 1:15 a.m.18 views

CVE-2025-34031

A path traversal vulnerability exists in the Moodle LMS Jmol plugin version 6.1 and prior via the query parameter in jsmol.php. The script directly passes user input to the file_get_contents() function without proper validation, allowing attackers to read arbitrary files from the server's filesyste...

8.7CVSS7.2AI score0.02563EPSS
CVE
CVEadded 2025/06/24 1:15 a.m.12 views

CVE-2025-34032

A reflected cross-site scripting (XSS) vulnerability exists in the Moodle LMS Jmol plugin version 6.1 and prior via the data parameter in jsmol.php. The application fails to properly sanitize user input before embedding it into the HTTP response, allowing an attacker to execute arbitrary JavaScript...

6.1CVSS6.1AI score0.00244EPSS