Moodle — система управления образовательными электронными курсами
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 470
CVE-2011-4284
Moodle 2.0.x before 2.0.2 allows remote attackers to obtain sensitive information from a myprofile (aka My profile) block by visiting a user-context page.
CVE-2011-4284
Moodle 2.0.x before 2.0.2 allows remote attackers to obtain sensitive ...
CVE-2011-4283
Moodle 1.9.x before 1.9.11 and 2.0.x before 2.0.2 places an IMS enterprise enrolment file in the course-files area, which allows remote attackers to obtain sensitive information via a request for imsenterprise-enrol.xml.
CVE-2011-4283
Moodle 1.9.x before 1.9.11 and 2.0.x before 2.0.2 places an IMS enterp ...
CVE-2011-4282
Multiple cross-site scripting (XSS) vulnerabilities in the course-tags functionality in tag/coursetags_more.php in Moodle 2.0.x before 2.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) sort or (2) show parameter.
CVE-2011-4282
Multiple cross-site scripting (XSS) vulnerabilities in the course-tags ...
CVE-2011-4281
Multiple cross-site request forgery (CSRF) vulnerabilities in Moodle 2.0.x before 2.0.2 allow remote attackers to hijack the authentication of arbitrary users for requests that mark the completion of (1) an activity or (2) a course.
CVE-2011-4281
Multiple cross-site request forgery (CSRF) vulnerabilities in Moodle 2 ...
CVE-2011-4280
Cross-site scripting (XSS) vulnerability in the Spike PHPCoverage (aka spikephpcoverage) library, as used in Moodle 2.0.x before 2.0.2 and other products, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2011-4280
Cross-site scripting (XSS) vulnerability in the Spike PHPCoverage (aka ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2011-4284 Moodle 2.0.x before 2.0.2 allows remote attackers to obtain sensitive information from a myprofile (aka My profile) block by visiting a user-context page. | CVSS2: 5 | 0% Низкий | почти 13 лет назад |
| CVE-2011-4284 Moodle 2.0.x before 2.0.2 allows remote attackers to obtain sensitive ... | CVSS2: 5 | 0% Низкий | почти 13 лет назад |
| CVE-2011-4283 Moodle 1.9.x before 1.9.11 and 2.0.x before 2.0.2 places an IMS enterprise enrolment file in the course-files area, which allows remote attackers to obtain sensitive information via a request for imsenterprise-enrol.xml. | CVSS2: 5 | 0% Низкий | почти 13 лет назад |
| CVE-2011-4283 Moodle 1.9.x before 1.9.11 and 2.0.x before 2.0.2 places an IMS enterp ... | CVSS2: 5 | 0% Низкий | почти 13 лет назад |
| CVE-2011-4282 Multiple cross-site scripting (XSS) vulnerabilities in the course-tags functionality in tag/coursetags_more.php in Moodle 2.0.x before 2.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) sort or (2) show parameter. | CVSS2: 4.3 | 0% Низкий | почти 13 лет назад |
| CVE-2011-4282 Multiple cross-site scripting (XSS) vulnerabilities in the course-tags ... | CVSS2: 4.3 | 0% Низкий | почти 13 лет назад |
| CVE-2011-4281 Multiple cross-site request forgery (CSRF) vulnerabilities in Moodle 2.0.x before 2.0.2 allow remote attackers to hijack the authentication of arbitrary users for requests that mark the completion of (1) an activity or (2) a course. | CVSS2: 6.8 | 0% Низкий | почти 13 лет назад |
| CVE-2011-4281 Multiple cross-site request forgery (CSRF) vulnerabilities in Moodle 2 ... | CVSS2: 6.8 | 0% Низкий | почти 13 лет назад |
| CVE-2011-4280 Cross-site scripting (XSS) vulnerability in the Spike PHPCoverage (aka spikephpcoverage) library, as used in Moodle 2.0.x before 2.0.2 and other products, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | CVSS2: 4.3 | 3% Низкий | почти 13 лет назад |
| CVE-2011-4280 Cross-site scripting (XSS) vulnerability in the Spike PHPCoverage (aka ... | CVSS2: 4.3 | 3% Низкий | почти 13 лет назад |
Уязвимостей на страницу