Moodle — система управления образовательными электронными курсами
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 647
CVE-2005-3649
jumpto.php in Moodle 1.5.2 allows remote attackers to redirect users to other sites via the jump parameter.
CVE-2005-3648
Multiple SQL injection vulnerabilities in the get_record function in datalib.php in Moodle 1.5.2 allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) category.php and (2) info.php.
CVE-2005-2247
Multiple unknown vulnerabilities in Moodle before 1.5.1 have unknown impact and attack vectors.
CVE-2005-2247
Multiple unknown vulnerabilities in Moodle before 1.5.1 have unknown i ...
CVE-2005-2247
Multiple unknown vulnerabilities in Moodle before 1.5.1 have unknown impact and attack vectors.
CVE-2004-1425
Directory traversal vulnerability in file.php in Moodle 1.4.2 and earlier allows remote attackers to read arbitrary session files for known session IDs via a .. (dot dot) in the file parameter.
CVE-2004-1424
Cross-site scripting (XSS) vulnerability in view.php in Moodle 1.4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter.
CVE-2004-2235
Unknown vulnerability in Moodle before 1.2 has unknown impact and attack vectors, related to improper filtering of text.
CVE-2004-2232
SQL injection vulnerability in sql.php in the Glossary module in Moodle 1.4.1 and earlier allows remote attackers to modify SQL statements.
CVE-2004-2236
Unknown vulnerability in Moodle before 1.3.3 has unknown impact and attack vectors, related to language setting.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2005-3649 jumpto.php in Moodle 1.5.2 allows remote attackers to redirect users to other sites via the jump parameter. | CVSS2: 2.6 | 8% Низкий | около 20 лет назад |
| CVE-2005-3648 Multiple SQL injection vulnerabilities in the get_record function in datalib.php in Moodle 1.5.2 allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) category.php and (2) info.php. | CVSS2: 7.5 | 1% Низкий | около 20 лет назад |
 | CVE-2005-2247 Multiple unknown vulnerabilities in Moodle before 1.5.1 have unknown impact and attack vectors. | CVSS2: 10 | 0% Низкий | больше 20 лет назад |
| CVE-2005-2247 Multiple unknown vulnerabilities in Moodle before 1.5.1 have unknown i ... | CVSS2: 10 | 0% Низкий | больше 20 лет назад |
| CVE-2005-2247 Multiple unknown vulnerabilities in Moodle before 1.5.1 have unknown impact and attack vectors. | CVSS2: 10 | 0% Низкий | больше 20 лет назад |
| CVE-2004-1425 Directory traversal vulnerability in file.php in Moodle 1.4.2 and earlier allows remote attackers to read arbitrary session files for known session IDs via a .. (dot dot) in the file parameter. | CVSS2: 5 | 1% Низкий | около 21 года назад |
| CVE-2004-1424 Cross-site scripting (XSS) vulnerability in view.php in Moodle 1.4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter. | CVSS2: 4.3 | 1% Низкий | около 21 года назад |
| CVE-2004-2235 Unknown vulnerability in Moodle before 1.2 has unknown impact and attack vectors, related to improper filtering of text. | CVSS2: 10 | 0% Низкий | около 21 года назад |
| CVE-2004-2232 SQL injection vulnerability in sql.php in the Glossary module in Moodle 1.4.1 and earlier allows remote attackers to modify SQL statements. | CVSS2: 7.5 | 1% Низкий | около 21 года назад |
| CVE-2004-2236 Unknown vulnerability in Moodle before 1.3.3 has unknown impact and attack vectors, related to language setting. | CVSS2: 10 | 0% Низкий | около 21 года назад |
Уязвимостей на страницу