Moodle — система управления образовательными электронными курсами
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 470
GHSA-22gj-8qj2-fj46
Moodle External Control of File Name or Path vulnerability
CVE-2023-30944
The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in external Wiki method for listing pages. A remote attacker can send a specially crafted request to the affected application and execute limited SQL commands within the application database.
CVE-2023-30944
The vulnerability was found Moodle which exists due to insufficient sa ...
CVE-2023-30943
The vulnerability was found Moodle which exists because the application allows a user to control path of the older to create in TinyMCE loaders. A remote user can send a specially crafted HTTP request and create arbitrary folders on the system.
CVE-2023-30943
The vulnerability was found Moodle which exists because the applicatio ...
CVE-2023-30943
The vulnerability was found Moodle which exists because the application allows a user to control path of the older to create in TinyMCE loaders. A remote user can send a specially crafted HTTP request and create arbitrary folders on the system.
CVE-2023-30944
The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in external Wiki method for listing pages. A remote attacker can send a specially crafted request to the affected application and execute limited SQL commands within the application database.
BDU:2023-03480
Уязвимость виртуальной обучающей среды Moodle, связанная с недостаточной очисткой данных, позволяющая нарушителю выполнять произвольные SQL-запросы в базе данных
BDU:2023-05206
Уязвимость плагина TinyMCE виртуальной обучающей среды Moodle, позволяющая нарушителю получить доступ на чтение, изменение или удаление данных
GHSA-948f-j464-rfj2
Moodle may allow students to bypass sequential navigation during a quiz attempt
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-22gj-8qj2-fj46 Moodle External Control of File Name or Path vulnerability | CVSS3: 5.3 | 18% Средний | около 2 лет назад |
 | CVE-2023-30944 The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in external Wiki method for listing pages. A remote attacker can send a specially crafted request to the affected application and execute limited SQL commands within the application database. | CVSS3: 5.6 | 1% Низкий | около 2 лет назад |
| CVE-2023-30944 The vulnerability was found Moodle which exists due to insufficient sa ... | CVSS3: 5.6 | 1% Низкий | около 2 лет назад |
| CVE-2023-30943 The vulnerability was found Moodle which exists because the application allows a user to control path of the older to create in TinyMCE loaders. A remote user can send a specially crafted HTTP request and create arbitrary folders on the system. | CVSS3: 6.5 | 18% Средний | около 2 лет назад |
| CVE-2023-30943 The vulnerability was found Moodle which exists because the applicatio ... | CVSS3: 6.5 | 18% Средний | около 2 лет назад |
 | CVE-2023-30943 The vulnerability was found Moodle which exists because the application allows a user to control path of the older to create in TinyMCE loaders. A remote user can send a specially crafted HTTP request and create arbitrary folders on the system. | CVSS3: 6.5 | 18% Средний | около 2 лет назад |
| CVE-2023-30944 The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in external Wiki method for listing pages. A remote attacker can send a specially crafted request to the affected application and execute limited SQL commands within the application database. | CVSS3: 5.6 | 1% Низкий | около 2 лет назад |
 | BDU:2023-03480 Уязвимость виртуальной обучающей среды Moodle, связанная с недостаточной очисткой данных, позволяющая нарушителю выполнять произвольные SQL-запросы в базе данных | CVSS3: 7.3 | 1% Низкий | около 2 лет назад |
| BDU:2023-05206 Уязвимость плагина TinyMCE виртуальной обучающей среды Moodle, позволяющая нарушителю получить доступ на чтение, изменение или удаление данных | CVSS3: 5.3 | 18% Средний | около 2 лет назад |
| GHSA-948f-j464-rfj2 Moodle may allow students to bypass sequential navigation during a quiz attempt | CVSS3: 4.3 | 0% Низкий | больше 2 лет назад |
Уязвимостей на страницу