Moodle — система управления образовательными электронными курсами
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 647
CVE-2023-30944
The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in external Wiki method for listing pages. A remote attacker can send a specially crafted request to the affected application and execute limited SQL commands within the application database.
CVE-2023-30943
The vulnerability was found Moodle which exists because the application allows a user to control path of the older to create in TinyMCE loaders. A remote user can send a specially crafted HTTP request and create arbitrary folders on the system.
BDU:2023-03480
Уязвимость виртуальной обучающей среды Moodle, связанная с недостаточной очисткой данных, позволяющая нарушителю выполнять произвольные SQL-запросы в базе данных
BDU:2023-05206
Уязвимость плагина TinyMCE виртуальной обучающей среды Moodle, позволяющая нарушителю получить доступ на чтение, изменение или удаление данных
GHSA-948f-j464-rfj2
Moodle may allow students to bypass sequential navigation during a quiz attempt
CVE-2022-40208
In Moodle, insufficient limitations in some quiz web services made it possible for students to bypass sequential navigation during a quiz attempt.
CVE-2022-40208
In Moodle, insufficient limitations in some quiz web services made it ...
CVE-2022-40208
In Moodle, insufficient limitations in some quiz web services made it possible for students to bypass sequential navigation during a quiz attempt.
GHSA-vj5p-fp42-774p
Moodle may display roles to users who don't have access to them
GHSA-56r9-72vx-q989
Moodle arbitrary file read vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2023-30944 The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in external Wiki method for listing pages. A remote attacker can send a specially crafted request to the affected application and execute limited SQL commands within the application database. | CVSS3: 5.6 | 1% Низкий | почти 3 года назад |
| CVE-2023-30943 The vulnerability was found Moodle which exists because the application allows a user to control path of the older to create in TinyMCE loaders. A remote user can send a specially crafted HTTP request and create arbitrary folders on the system. | CVSS3: 6.5 | 16% Средний | почти 3 года назад |
 | BDU:2023-03480 Уязвимость виртуальной обучающей среды Moodle, связанная с недостаточной очисткой данных, позволяющая нарушителю выполнять произвольные SQL-запросы в базе данных | CVSS3: 7.3 | 1% Низкий | почти 3 года назад |
| BDU:2023-05206 Уязвимость плагина TinyMCE виртуальной обучающей среды Moodle, позволяющая нарушителю получить доступ на чтение, изменение или удаление данных | CVSS3: 5.3 | 16% Средний | почти 3 года назад |
| GHSA-948f-j464-rfj2 Moodle may allow students to bypass sequential navigation during a quiz attempt | CVSS3: 4.3 | 0% Низкий | почти 3 года назад |
 | CVE-2022-40208 In Moodle, insufficient limitations in some quiz web services made it possible for students to bypass sequential navigation during a quiz attempt. | CVSS3: 4.3 | 0% Низкий | почти 3 года назад |
| CVE-2022-40208 In Moodle, insufficient limitations in some quiz web services made it ... | CVSS3: 4.3 | 0% Низкий | почти 3 года назад |
| CVE-2022-40208 In Moodle, insufficient limitations in some quiz web services made it possible for students to bypass sequential navigation during a quiz attempt. | CVSS3: 4.3 | 0% Низкий | почти 3 года назад |
| GHSA-vj5p-fp42-774p Moodle may display roles to users who don't have access to them | CVSS3: 4.3 | 0% Низкий | почти 3 года назад |
| GHSA-56r9-72vx-q989 Moodle arbitrary file read vulnerability | CVSS3: 6.5 | 1% Низкий | почти 3 года назад |
Уязвимостей на страницу