Moodle — система управления образовательными электронными курсами
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 541
CVE-2012-2357
The Multi-Authentication feature in the Central Authentication Service (CAS) functionality in auth/cas/cas_form.html in Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 does not use HTTPS, which allows remote attackers to obtain credentials by sniffing the network.
CVE-2012-2357
The Multi-Authentication feature in the Central Authentication Service ...
CVE-2012-2356
The question-bank functionality in Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to bypass intended capability requirements and save questions via a save_question action.
CVE-2012-2356
The question-bank functionality in Moodle 2.1.x before 2.1.6 and 2.2.x ...
CVE-2012-2355
Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to bypass question:use* capability requirements and add arbitrary questions to a quiz via the questions feature.
CVE-2012-2355
Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authent ...
CVE-2012-2354
Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to bypass the moodle/site:readallmessages capability requirement and read arbitrary messages by using the "Recent conversations" feature with a modified parameter in a URL.
CVE-2012-2354
Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authent ...
CVE-2012-2353
Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to obtain sensitive user information from hidden fields by leveraging the teacher role and navigating to "Enrolled users" under the Users Settings section.
CVE-2012-2353
Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authent ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2012-2357 The Multi-Authentication feature in the Central Authentication Service (CAS) functionality in auth/cas/cas_form.html in Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 does not use HTTPS, which allows remote attackers to obtain credentials by sniffing the network. | CVSS2: 5 | 0% Низкий | больше 13 лет назад |
| CVE-2012-2357 The Multi-Authentication feature in the Central Authentication Service ... | CVSS2: 5 | 0% Низкий | больше 13 лет назад |
| CVE-2012-2356 The question-bank functionality in Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to bypass intended capability requirements and save questions via a save_question action. | CVSS2: 4 | 0% Низкий | больше 13 лет назад |
| CVE-2012-2356 The question-bank functionality in Moodle 2.1.x before 2.1.6 and 2.2.x ... | CVSS2: 4 | 0% Низкий | больше 13 лет назад |
| CVE-2012-2355 Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to bypass question:use* capability requirements and add arbitrary questions to a quiz via the questions feature. | CVSS2: 4 | 0% Низкий | больше 13 лет назад |
| CVE-2012-2355 Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authent ... | CVSS2: 4 | 0% Низкий | больше 13 лет назад |
| CVE-2012-2354 Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to bypass the moodle/site:readallmessages capability requirement and read arbitrary messages by using the "Recent conversations" feature with a modified parameter in a URL. | CVSS2: 4 | 0% Низкий | больше 13 лет назад |
| CVE-2012-2354 Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authent ... | CVSS2: 4 | 0% Низкий | больше 13 лет назад |
| CVE-2012-2353 Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to obtain sensitive user information from hidden fields by leveraging the teacher role and navigating to "Enrolled users" under the Users Settings section. | CVSS2: 4 | 0% Низкий | больше 13 лет назад |
| CVE-2012-2353 Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authent ... | CVSS2: 4 | 0% Низкий | больше 13 лет назад |
Уязвимостей на страницу