Moodle — система управления образовательными электронными курсами
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 541
CVE-2011-4294
The error-message functionality in Moodle 1.9.x before 1.9.13, 2.0.x before 2.0.4, and 2.1.x before 2.1.1 does not ensure that a continuation link refers to an http or https URL for the local Moodle instance, which might allow attackers to trick users into visiting arbitrary web sites via unspecified vectors.
CVE-2011-4294
The error-message functionality in Moodle 1.9.x before 1.9.13, 2.0.x b ...
CVE-2011-4293
The theme implementation in Moodle 2.0.x before 2.0.4 and 2.1.x before 2.1.1 triggers duplicate caching of Cascading Style Sheets (CSS) and JavaScript content, which allows remote attackers to bypass intended access restrictions and write to an operating-system temporary directory via unspecified vectors.
CVE-2011-4293
The theme implementation in Moodle 2.0.x before 2.0.4 and 2.1.x before ...
CVE-2011-4292
Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a denial of service (invalid database records) via a series of crafted comments operations.
CVE-2011-4292
Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a ...
CVE-2011-4291
Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a denial of service (invalid database records) via a series of crafted ratings operations.
CVE-2011-4291
Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a ...
CVE-2011-4290
Multiple cross-site scripting (XSS) vulnerabilities in lib/weblib.php in Moodle 1.9.x before 1.9.12 allow remote attackers to inject arbitrary web script or HTML via vectors related to URL encoding.
CVE-2011-4290
Multiple cross-site scripting (XSS) vulnerabilities in lib/weblib.php ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2011-4294 The error-message functionality in Moodle 1.9.x before 1.9.13, 2.0.x before 2.0.4, and 2.1.x before 2.1.1 does not ensure that a continuation link refers to an http or https URL for the local Moodle instance, which might allow attackers to trick users into visiting arbitrary web sites via unspecified vectors. | CVSS2: 5.8 | 0% Низкий | больше 13 лет назад |
| CVE-2011-4294 The error-message functionality in Moodle 1.9.x before 1.9.13, 2.0.x b ... | CVSS2: 5.8 | 0% Низкий | больше 13 лет назад |
| CVE-2011-4293 The theme implementation in Moodle 2.0.x before 2.0.4 and 2.1.x before 2.1.1 triggers duplicate caching of Cascading Style Sheets (CSS) and JavaScript content, which allows remote attackers to bypass intended access restrictions and write to an operating-system temporary directory via unspecified vectors. | CVSS2: 6.4 | 0% Низкий | больше 13 лет назад |
| CVE-2011-4293 The theme implementation in Moodle 2.0.x before 2.0.4 and 2.1.x before ... | CVSS2: 6.4 | 0% Низкий | больше 13 лет назад |
| CVE-2011-4292 Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a denial of service (invalid database records) via a series of crafted comments operations. | CVSS2: 4 | 1% Низкий | больше 13 лет назад |
| CVE-2011-4292 Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a ... | CVSS2: 4 | 1% Низкий | больше 13 лет назад |
| CVE-2011-4291 Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a denial of service (invalid database records) via a series of crafted ratings operations. | CVSS2: 4 | 0% Низкий | больше 13 лет назад |
| CVE-2011-4291 Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a ... | CVSS2: 4 | 0% Низкий | больше 13 лет назад |
| CVE-2011-4290 Multiple cross-site scripting (XSS) vulnerabilities in lib/weblib.php in Moodle 1.9.x before 1.9.12 allow remote attackers to inject arbitrary web script or HTML via vectors related to URL encoding. | CVSS2: 4.3 | 0% Низкий | больше 13 лет назад |
| CVE-2011-4290 Multiple cross-site scripting (XSS) vulnerabilities in lib/weblib.php ... | CVSS2: 4.3 | 0% Низкий | больше 13 лет назад |
Уязвимостей на страницу