Moodle — система управления образовательными электронными курсами
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 470
CVE-2011-4294
The error-message functionality in Moodle 1.9.x before 1.9.13, 2.0.x before 2.0.4, and 2.1.x before 2.1.1 does not ensure that a continuation link refers to an http or https URL for the local Moodle instance, which might allow attackers to trick users into visiting arbitrary web sites via unspecified vectors.
CVE-2011-4294
The error-message functionality in Moodle 1.9.x before 1.9.13, 2.0.x b ...
CVE-2011-4293
The theme implementation in Moodle 2.0.x before 2.0.4 and 2.1.x before 2.1.1 triggers duplicate caching of Cascading Style Sheets (CSS) and JavaScript content, which allows remote attackers to bypass intended access restrictions and write to an operating-system temporary directory via unspecified vectors.
CVE-2011-4293
The theme implementation in Moodle 2.0.x before 2.0.4 and 2.1.x before ...
CVE-2011-4292
Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a denial of service (invalid database records) via a series of crafted comments operations.
CVE-2011-4292
Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a ...
CVE-2011-4291
Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a denial of service (invalid database records) via a series of crafted ratings operations.
CVE-2011-4291
Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a ...
CVE-2011-4290
Multiple cross-site scripting (XSS) vulnerabilities in lib/weblib.php in Moodle 1.9.x before 1.9.12 allow remote attackers to inject arbitrary web script or HTML via vectors related to URL encoding.
CVE-2011-4290
Multiple cross-site scripting (XSS) vulnerabilities in lib/weblib.php ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2011-4294 The error-message functionality in Moodle 1.9.x before 1.9.13, 2.0.x before 2.0.4, and 2.1.x before 2.1.1 does not ensure that a continuation link refers to an http or https URL for the local Moodle instance, which might allow attackers to trick users into visiting arbitrary web sites via unspecified vectors. | CVSS2: 5.8 | 0% Низкий | почти 13 лет назад |
| CVE-2011-4294 The error-message functionality in Moodle 1.9.x before 1.9.13, 2.0.x b ... | CVSS2: 5.8 | 0% Низкий | почти 13 лет назад |
| CVE-2011-4293 The theme implementation in Moodle 2.0.x before 2.0.4 and 2.1.x before 2.1.1 triggers duplicate caching of Cascading Style Sheets (CSS) and JavaScript content, which allows remote attackers to bypass intended access restrictions and write to an operating-system temporary directory via unspecified vectors. | CVSS2: 6.4 | 1% Низкий | почти 13 лет назад |
| CVE-2011-4293 The theme implementation in Moodle 2.0.x before 2.0.4 and 2.1.x before ... | CVSS2: 6.4 | 1% Низкий | почти 13 лет назад |
| CVE-2011-4292 Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a denial of service (invalid database records) via a series of crafted comments operations. | CVSS2: 4 | 1% Низкий | почти 13 лет назад |
| CVE-2011-4292 Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a ... | CVSS2: 4 | 1% Низкий | почти 13 лет назад |
| CVE-2011-4291 Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a denial of service (invalid database records) via a series of crafted ratings operations. | CVSS2: 4 | 0% Низкий | почти 13 лет назад |
| CVE-2011-4291 Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a ... | CVSS2: 4 | 0% Низкий | почти 13 лет назад |
| CVE-2011-4290 Multiple cross-site scripting (XSS) vulnerabilities in lib/weblib.php in Moodle 1.9.x before 1.9.12 allow remote attackers to inject arbitrary web script or HTML via vectors related to URL encoding. | CVSS2: 4.3 | 0% Низкий | почти 13 лет назад |
| CVE-2011-4290 Multiple cross-site scripting (XSS) vulnerabilities in lib/weblib.php ... | CVSS2: 4.3 | 0% Низкий | почти 13 лет назад |
Уязвимостей на страницу