Moodle — система управления образовательными электронными курсами

Релизный цикл, информация об уязвимостях

Продукт: Moodle

Вендор: moodle

График релизов

Недавние уязвимости Moodle

Количество 2 541

GHSA-8fqh-rfgp-g35q

больше 3 лет назад

mod/forum/user.php in Moodle 1.9.x before 1.9.14, 2.0.x before 2.0.5, and 2.1.x before 2.1.2 allows remote authenticated users to discover the names of other users via unspecified vectors.

EPSS: Низкий

GHSA-jcrj-gmr6-p5j8

больше 3 лет назад

Moodle Allows Modification of Constants

EPSS: Низкий

GHSA-hxmp-8f47-x9fc

больше 3 лет назад

Moodle Open Redirect Via Error Messages

EPSS: Низкий

GHSA-hp4v-c3h7-rwmx

больше 3 лет назад

mnet/xmlrpc/client.php in MNET in Moodle 1.9.x before 1.9.14, 2.0.x before 2.0.5, and 2.1.x before 2.1.2 does not properly process the return value of the openssl_verify function, which allows remote attackers to bypass validation via a crafted certificate.

EPSS: Низкий

GHSA-45ch-hxgr-vx8j

больше 3 лет назад

phpCAS client library and Moodle Cross-site Scripting vulnerability

EPSS: Низкий

GHSA-9xp2-5fr9-7mwm

больше 3 лет назад

Moodle vulnerable to SQL injection

EPSS: Низкий

GHSA-qq3m-44fg-p6q8

больше 3 лет назад

Moodle 1.9.x before 1.9.12 and 2.0.x before 2.0.3 does not properly implement associations between teachers and groups, which allows remote authenticated users to read quiz reports of arbitrary students by leveraging the teacher role.

EPSS: Низкий

GHSA-3jfw-v39g-268j

больше 3 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in lib/weblib.php in Moodle 1.9.x before 1.9.12 allow remote attackers to inject arbitrary web script or HTML via vectors related to URL encoding.

EPSS: Низкий

GHSA-6656-6qwx-4c2m

больше 3 лет назад

Moodle XSS In Tag Autocomplete functionality

EPSS: Низкий

GHSA-m3xp-4hf3-qfpp

больше 3 лет назад

Moodle allows remote attackers to obtain sensitive information

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	EPSS	Опубликовано 1
GHSA-8fqh-rfgp-g35q mod/forum/user.php in Moodle 1.9.x before 1.9.14, 2.0.x before 2.0.5, and 2.1.x before 2.1.2 allows remote authenticated users to discover the names of other users via unspecified vectors.	0% Низкий	больше 3 лет назад
GHSA-jcrj-gmr6-p5j8 Moodle Allows Modification of Constants	0% Низкий	больше 3 лет назад
GHSA-hxmp-8f47-x9fc Moodle Open Redirect Via Error Messages	0% Низкий	больше 3 лет назад
GHSA-hp4v-c3h7-rwmx mnet/xmlrpc/client.php in MNET in Moodle 1.9.x before 1.9.14, 2.0.x before 2.0.5, and 2.1.x before 2.1.2 does not properly process the return value of the openssl_verify function, which allows remote attackers to bypass validation via a crafted certificate.	0% Низкий	больше 3 лет назад
GHSA-45ch-hxgr-vx8j phpCAS client library and Moodle Cross-site Scripting vulnerability	0% Низкий	больше 3 лет назад
GHSA-9xp2-5fr9-7mwm Moodle vulnerable to SQL injection	0% Низкий	больше 3 лет назад
GHSA-qq3m-44fg-p6q8 Moodle 1.9.x before 1.9.12 and 2.0.x before 2.0.3 does not properly implement associations between teachers and groups, which allows remote authenticated users to read quiz reports of arbitrary students by leveraging the teacher role.	0% Низкий	больше 3 лет назад
GHSA-3jfw-v39g-268j Multiple cross-site scripting (XSS) vulnerabilities in lib/weblib.php in Moodle 1.9.x before 1.9.12 allow remote attackers to inject arbitrary web script or HTML via vectors related to URL encoding.	0% Низкий	больше 3 лет назад
GHSA-6656-6qwx-4c2m Moodle XSS In Tag Autocomplete functionality	0% Низкий	больше 3 лет назад
GHSA-m3xp-4hf3-qfpp Moodle allows remote attackers to obtain sensitive information	0% Низкий	больше 3 лет назад

Уязвимостей на страницу