Moodle — система управления образовательными электронными курсами
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 541
GHSA-389j-qw4x-m76h
Multiple SQL injection vulnerabilities in the get_record function in datalib.php in Moodle 1.5.2 allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) category.php and (2) info.php.
GHSA-5xqf-3mwv-q7gm
Multiple unknown vulnerabilities in Moodle before 1.5.1 have unknown impact and attack vectors.
GHSA-6q9g-3vfq-q2qj
Improper Authentication in moodle
GHSA-c5hf-mc85-2hx4
Missing authorization in Moodle
CVE-2022-0984
Users with the capability to configure badge criteria (teachers and managers by default) were able to configure course badges with profile field criteria, which should only be available for site badges.
CVE-2022-0984
Users with the capability to configure badge criteria (teachers and ma ...
CVE-2022-0984
Users with the capability to configure badge criteria (teachers and managers by default) were able to configure course badges with profile field criteria, which should only be available for site badges.
CVE-2022-0985
Insufficient capability checks could allow users with the moodle/site:uploadusers capability to delete users, without having the necessary moodle/user:delete capability.
CVE-2022-0985
Insufficient capability checks could allow users with the moodle/site: ...
CVE-2022-0985
Insufficient capability checks could allow users with the moodle/site:uploadusers capability to delete users, without having the necessary moodle/user:delete capability.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-389j-qw4x-m76h Multiple SQL injection vulnerabilities in the get_record function in datalib.php in Moodle 1.5.2 allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) category.php and (2) info.php. | 1% Низкий | больше 3 лет назад | |
| GHSA-5xqf-3mwv-q7gm Multiple unknown vulnerabilities in Moodle before 1.5.1 have unknown impact and attack vectors. | 0% Низкий | больше 3 лет назад | |
| GHSA-6q9g-3vfq-q2qj Improper Authentication in moodle | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
| GHSA-c5hf-mc85-2hx4 Missing authorization in Moodle | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
 | CVE-2022-0984 Users with the capability to configure badge criteria (teachers and managers by default) were able to configure course badges with profile field criteria, which should only be available for site badges. | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
| CVE-2022-0984 Users with the capability to configure badge criteria (teachers and ma ... | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
 | CVE-2022-0984 Users with the capability to configure badge criteria (teachers and managers by default) were able to configure course badges with profile field criteria, which should only be available for site badges. | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
| CVE-2022-0985 Insufficient capability checks could allow users with the moodle/site:uploadusers capability to delete users, without having the necessary moodle/user:delete capability. | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
| CVE-2022-0985 Insufficient capability checks could allow users with the moodle/site: ... | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
| CVE-2022-0985 Insufficient capability checks could allow users with the moodle/site:uploadusers capability to delete users, without having the necessary moodle/user:delete capability. | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу