Moodle — система управления образовательными электронными курсами
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 536
GHSA-w4f8-f35q-x83j
Unspecified vulnerability in the user editing interface in Moodle 1.5.x, 1.6 before 1.6.6, and 1.7 before 1.7.3 allows remote authenticated users to gain privileges via unknown vectors.
GHSA-m38p-4c43-vjrc
SQL injection vulnerability in the hotpot_delete_selected_attempts function in report.php in the HotPot module in Moodle 1.6 before 1.6.7, 1.7 before 1.7.5, 1.8 before 1.8.6, and 1.9 before 1.9.2 allows remote attackers to execute arbitrary SQL commands via a crafted selected attempt.
GHSA-vjxx-54vw-q59f
Moodle SSRF Vulnerability
GHSA-qqjv-mc2v-p7mc
Moodle SSRF Vulnerability
GHSA-xhfw-wjjc-4j5h
Moodle Cross-site Scripting
GHSA-xjx9-7c29-pwmm
Moodle Improper Privilege Management
GHSA-hpwm-84h5-vqr8
Moodle Setting for blocked hosts list can be bypassed with multiple A record hostnames
GHSA-9x63-m3cc-qf3g
Moodle Unauthorized searching of arbitrary blogs by typing full url
GHSA-jjhx-5jff-rc8m
Moodle Improper Privilege Management
GHSA-m34m-fgh4-v7cx
Moodle External blog editing takeover
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-w4f8-f35q-x83j Unspecified vulnerability in the user editing interface in Moodle 1.5.x, 1.6 before 1.6.6, and 1.7 before 1.7.3 allows remote authenticated users to gain privileges via unknown vectors. | 0% Низкий | больше 3 лет назад | |
| GHSA-m38p-4c43-vjrc SQL injection vulnerability in the hotpot_delete_selected_attempts function in report.php in the HotPot module in Moodle 1.6 before 1.6.7, 1.7 before 1.7.5, 1.8 before 1.8.6, and 1.9 before 1.9.2 allows remote attackers to execute arbitrary SQL commands via a crafted selected attempt. | 0% Низкий | больше 3 лет назад | |
| GHSA-vjxx-54vw-q59f Moodle SSRF Vulnerability | CVSS3: 7.5 | 0% Низкий | больше 3 лет назад |
| GHSA-qqjv-mc2v-p7mc Moodle SSRF Vulnerability | CVSS3: 6.5 | 15% Средний | больше 3 лет назад |
| GHSA-xhfw-wjjc-4j5h Moodle Cross-site Scripting | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
| GHSA-xjx9-7c29-pwmm Moodle Improper Privilege Management | CVSS3: 6.5 | 0% Низкий | больше 3 лет назад |
| GHSA-hpwm-84h5-vqr8 Moodle Setting for blocked hosts list can be bypassed with multiple A record hostnames | CVSS3: 6.5 | 0% Низкий | больше 3 лет назад |
| GHSA-9x63-m3cc-qf3g Moodle Unauthorized searching of arbitrary blogs by typing full url | CVSS3: 5.3 | 0% Низкий | больше 3 лет назад |
| GHSA-jjhx-5jff-rc8m Moodle Improper Privilege Management | CVSS3: 6.5 | 0% Низкий | больше 3 лет назад |
| GHSA-m34m-fgh4-v7cx Moodle External blog editing takeover | CVSS3: 6.3 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу