Moodle — система управления образовательными электронными курсами
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 647
CVE-2006-4937
lib/setup.php in Moodle before 1.6.2 sets the error reporting level to 7 to display E_WARNING messages to users even if debugging is disabled, which might allow remote authenticated users to obtain sensitive information by triggering the messages.
CVE-2006-4936
Moodle before 1.6.2 does not properly validate the module instance id when creating a course module object, which has unspecified impact and remote attack vectors.
CVE-2006-4941
Multiple cross-site scripting (XSS) vulnerabilities in Moodle before 1.6.2 might allow remote attackers to inject arbitrary web script or HTML via (1) the choose parameter in files/index.php and (2) the sub parameter in doc/index.php.
CVE-2006-4937
lib/setup.php in Moodle before 1.6.2 sets the error reporting level to ...
CVE-2006-4941
Multiple cross-site scripting (XSS) vulnerabilities in Moodle before 1 ...
CVE-2006-4939
backup/backup_scheduled.php in Moodle before 1.6.2 generates trace dat ...
CVE-2006-4935
The Database module in Moodle before 1.6.2 does not properly handle up ...
CVE-2006-4938
help.php in Moodle before 1.6.2 does not check the existence of certai ...
CVE-2006-4940
login/forgot_password.php in Moodle before 1.6.2 allows remote attacke ...
CVE-2006-4943
course/jumpto.php in Moodle before 1.6.2 does not validate the session ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2006-4937 lib/setup.php in Moodle before 1.6.2 sets the error reporting level to 7 to display E_WARNING messages to users even if debugging is disabled, which might allow remote authenticated users to obtain sensitive information by triggering the messages. | CVSS2: 4 | 0% Низкий | больше 19 лет назад |
| CVE-2006-4936 Moodle before 1.6.2 does not properly validate the module instance id when creating a course module object, which has unspecified impact and remote attack vectors. | CVSS2: 10 | 0% Низкий | больше 19 лет назад |
| CVE-2006-4941 Multiple cross-site scripting (XSS) vulnerabilities in Moodle before 1.6.2 might allow remote attackers to inject arbitrary web script or HTML via (1) the choose parameter in files/index.php and (2) the sub parameter in doc/index.php. | CVSS2: 4.3 | 0% Низкий | больше 19 лет назад |
| CVE-2006-4937 lib/setup.php in Moodle before 1.6.2 sets the error reporting level to ... | CVSS2: 4 | 0% Низкий | больше 19 лет назад |
| CVE-2006-4941 Multiple cross-site scripting (XSS) vulnerabilities in Moodle before 1 ... | CVSS2: 4.3 | 0% Низкий | больше 19 лет назад |
| CVE-2006-4939 backup/backup_scheduled.php in Moodle before 1.6.2 generates trace dat ... | CVSS2: 5 | 0% Низкий | больше 19 лет назад |
| CVE-2006-4935 The Database module in Moodle before 1.6.2 does not properly handle up ... | CVSS2: 10 | 0% Низкий | больше 19 лет назад |
| CVE-2006-4938 help.php in Moodle before 1.6.2 does not check the existence of certai ... | CVSS2: 4 | 0% Низкий | больше 19 лет назад |
| CVE-2006-4940 login/forgot_password.php in Moodle before 1.6.2 allows remote attacke ... | CVSS2: 5 | 0% Низкий | больше 19 лет назад |
| CVE-2006-4943 course/jumpto.php in Moodle before 1.6.2 does not validate the session ... | CVSS2: 5 | 0% Низкий | больше 19 лет назад |
Уязвимостей на страницу