Логотип exploitDog
product: "moodle"
Консоль
Логотип exploitDog

exploitDog

product: "moodle"
Moodle

Moodleсистема управления образовательными электронными курсами

Релизный цикл, информация об уязвимостях

Продукт: Moodle
Вендор: moodle

График релизов

4.14.24.34.44.55.02022202320242025202620272028

Недавние уязвимости Moodle

Количество 2 535

nvd логотип

CVE-2012-2364

около 13 лет назад

Cross-site scripting (XSS) vulnerability in lib/filelib.php in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to inject arbitrary web script or HTML via an assignment submission with zip compression, leading to text/html rendering during a "download all" action.

CVSS2: 3.5
EPSS: Низкий
debian логотип

CVE-2012-2364

около 13 лет назад

Cross-site scripting (XSS) vulnerability in lib/filelib.php in Moodle ...

CVSS2: 3.5
EPSS: Низкий
nvd логотип

CVE-2012-2363

около 13 лет назад

SQL injection vulnerability in calendar/event.php in the calendar implementation in Moodle 1.9.x before 1.9.18 allows remote authenticated users to execute arbitrary SQL commands via a crafted calendar event.

CVSS2: 6.5
EPSS: Низкий
debian логотип

CVE-2012-2363

около 13 лет назад

SQL injection vulnerability in calendar/event.php in the calendar impl ...

CVSS2: 6.5
EPSS: Низкий
nvd логотип

CVE-2012-2362

около 13 лет назад

Cross-site scripting (XSS) vulnerability in blog/lib.php in the blog implementation in Moodle 1.9.x before 1.9.18, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via a crafted parameter to blog/index.php.

CVSS2: 2.6
EPSS: Низкий
debian логотип

CVE-2012-2362

около 13 лет назад

Cross-site scripting (XSS) vulnerability in blog/lib.php in the blog i ...

CVSS2: 2.6
EPSS: Низкий
nvd логотип

CVE-2012-2361

около 13 лет назад

Cross-site scripting (XSS) vulnerability in admin/webservice/forms.php in the web services implementation in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to inject arbitrary web script or HTML via the name field (aka the service name) to admin/webservice/service.php.

CVSS2: 3.5
EPSS: Низкий
debian логотип

CVE-2012-2361

около 13 лет назад

Cross-site scripting (XSS) vulnerability in admin/webservice/forms.php ...

CVSS2: 3.5
EPSS: Низкий
nvd логотип

CVE-2012-2360

около 13 лет назад

Cross-site scripting (XSS) vulnerability in the Wiki subsystem in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted string that is inserted into a page title.

CVSS2: 3.5
EPSS: Низкий
debian логотип

CVE-2012-2360

около 13 лет назад

Cross-site scripting (XSS) vulnerability in the Wiki subsystem in Mood ...

CVSS2: 3.5
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
1
nvd логотип
CVE-2012-2364

Cross-site scripting (XSS) vulnerability in lib/filelib.php in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to inject arbitrary web script or HTML via an assignment submission with zip compression, leading to text/html rendering during a "download all" action.

CVSS2: 3.5
0%
Низкий
около 13 лет назад
debian логотип
CVE-2012-2364

Cross-site scripting (XSS) vulnerability in lib/filelib.php in Moodle ...

CVSS2: 3.5
0%
Низкий
около 13 лет назад
nvd логотип
CVE-2012-2363

SQL injection vulnerability in calendar/event.php in the calendar implementation in Moodle 1.9.x before 1.9.18 allows remote authenticated users to execute arbitrary SQL commands via a crafted calendar event.

CVSS2: 6.5
0%
Низкий
около 13 лет назад
debian логотип
CVE-2012-2363

SQL injection vulnerability in calendar/event.php in the calendar impl ...

CVSS2: 6.5
0%
Низкий
около 13 лет назад
nvd логотип
CVE-2012-2362

Cross-site scripting (XSS) vulnerability in blog/lib.php in the blog implementation in Moodle 1.9.x before 1.9.18, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via a crafted parameter to blog/index.php.

CVSS2: 2.6
0%
Низкий
около 13 лет назад
debian логотип
CVE-2012-2362

Cross-site scripting (XSS) vulnerability in blog/lib.php in the blog i ...

CVSS2: 2.6
0%
Низкий
около 13 лет назад
nvd логотип
CVE-2012-2361

Cross-site scripting (XSS) vulnerability in admin/webservice/forms.php in the web services implementation in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to inject arbitrary web script or HTML via the name field (aka the service name) to admin/webservice/service.php.

CVSS2: 3.5
0%
Низкий
около 13 лет назад
debian логотип
CVE-2012-2361

Cross-site scripting (XSS) vulnerability in admin/webservice/forms.php ...

CVSS2: 3.5
0%
Низкий
около 13 лет назад
nvd логотип
CVE-2012-2360

Cross-site scripting (XSS) vulnerability in the Wiki subsystem in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted string that is inserted into a page title.

CVSS2: 3.5
0%
Низкий
около 13 лет назад
debian логотип
CVE-2012-2360

Cross-site scripting (XSS) vulnerability in the Wiki subsystem in Mood ...

CVSS2: 3.5
0%
Низкий
около 13 лет назад

Уязвимостей на страницу

Поделиться