Moodle — система управления образовательными электронными курсами
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 535
CVE-2011-4291
Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a denial of service (invalid database records) via a series of crafted ratings operations.
CVE-2011-4291
Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a ...
CVE-2011-4290
Multiple cross-site scripting (XSS) vulnerabilities in lib/weblib.php in Moodle 1.9.x before 1.9.12 allow remote attackers to inject arbitrary web script or HTML via vectors related to URL encoding.
CVE-2011-4290
Multiple cross-site scripting (XSS) vulnerabilities in lib/weblib.php ...
CVE-2011-4289
Moodle 2.0.x before 2.0.3 does not recognize the configuration setting that makes e-mail addresses visible only to course members, which allows remote authenticated users to obtain sensitive address information by reading a full profile page.
CVE-2011-4289
Moodle 2.0.x before 2.0.3 does not recognize the configuration setting ...
CVE-2011-4288
Moodle 1.9.x before 1.9.12 and 2.0.x before 2.0.3 does not properly implement associations between teachers and groups, which allows remote authenticated users to read quiz reports of arbitrary students by leveraging the teacher role.
CVE-2011-4288
Moodle 1.9.x before 1.9.12 and 2.0.x before 2.0.3 does not properly im ...
CVE-2011-4287
admin/uploaduser_form.php in Moodle 2.0.x before 2.0.3 does not force password changes for autosubscribed users, which makes it easier for remote attackers to obtain access by leveraging knowledge of the initial password of a new user.
CVE-2011-4287
admin/uploaduser_form.php in Moodle 2.0.x before 2.0.3 does not force ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2011-4291 Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a denial of service (invalid database records) via a series of crafted ratings operations. | CVSS2: 4 | 0% Низкий | около 13 лет назад |
| CVE-2011-4291 Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a ... | CVSS2: 4 | 0% Низкий | около 13 лет назад |
| CVE-2011-4290 Multiple cross-site scripting (XSS) vulnerabilities in lib/weblib.php in Moodle 1.9.x before 1.9.12 allow remote attackers to inject arbitrary web script or HTML via vectors related to URL encoding. | CVSS2: 4.3 | 0% Низкий | около 13 лет назад |
| CVE-2011-4290 Multiple cross-site scripting (XSS) vulnerabilities in lib/weblib.php ... | CVSS2: 4.3 | 0% Низкий | около 13 лет назад |
| CVE-2011-4289 Moodle 2.0.x before 2.0.3 does not recognize the configuration setting that makes e-mail addresses visible only to course members, which allows remote authenticated users to obtain sensitive address information by reading a full profile page. | CVSS2: 4 | 0% Низкий | около 13 лет назад |
| CVE-2011-4289 Moodle 2.0.x before 2.0.3 does not recognize the configuration setting ... | CVSS2: 4 | 0% Низкий | около 13 лет назад |
| CVE-2011-4288 Moodle 1.9.x before 1.9.12 and 2.0.x before 2.0.3 does not properly implement associations between teachers and groups, which allows remote authenticated users to read quiz reports of arbitrary students by leveraging the teacher role. | CVSS2: 4 | 0% Низкий | около 13 лет назад |
| CVE-2011-4288 Moodle 1.9.x before 1.9.12 and 2.0.x before 2.0.3 does not properly im ... | CVSS2: 4 | 0% Низкий | около 13 лет назад |
| CVE-2011-4287 admin/uploaduser_form.php in Moodle 2.0.x before 2.0.3 does not force password changes for autosubscribed users, which makes it easier for remote attackers to obtain access by leveraging knowledge of the initial password of a new user. | CVSS2: 6.8 | 0% Низкий | около 13 лет назад |
| CVE-2011-4287 admin/uploaduser_form.php in Moodle 2.0.x before 2.0.3 does not force ... | CVSS2: 6.8 | 0% Низкий | около 13 лет назад |
Уязвимостей на страницу