Количество 2 536
Количество 2 536
CVE-2017-2642
Moodle 3.x has user fullname disclosure on the user preferences page.
CVE-2017-2641
In Moodle 2.x and 3.x, SQL injection can occur via user preferences.
CVE-2017-2641
In Moodle 2.x and 3.x, SQL injection can occur via user preferences.
CVE-2017-2641
In Moodle 2.x and 3.x, SQL injection can occur via user preferences.
CVE-2017-2578
In Moodle 3.x, there is XSS in the assignment submission page.
CVE-2017-2578
In Moodle 3.x, there is XSS in the assignment submission page.
CVE-2017-2578
In Moodle 3.x, there is XSS in the assignment submission page.
CVE-2017-2576
In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums.
CVE-2017-2576
In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums.
CVE-2017-2576
In Moodle 2.x and 3.x, there is incorrect sanitization of attributes i ...
CVE-2017-15110
In Moodle 3.x, students can find out email addresses of other students in the same course. Using search on the Participants page, students could search email addresses of all participants regardless of email visibility. This allows enumerating and guessing emails of other students.
CVE-2017-15110
In Moodle 3.x, students can find out email addresses of other students in the same course. Using search on the Participants page, students could search email addresses of all participants regardless of email visibility. This allows enumerating and guessing emails of other students.
CVE-2017-15110
In Moodle 3.x, students can find out email addresses of other students ...
CVE-2017-12157
In Moodle 3.x, various course reports allow teachers to view details about users in the groups they can't access.
CVE-2017-12157
In Moodle 3.x, various course reports allow teachers to view details about users in the groups they can't access.
CVE-2017-12157
In Moodle 3.x, various course reports allow teachers to view details a ...
CVE-2017-12156
Moodle 3.x has XSS in the contact form on the "non-respondents" page in non-anonymous feedback.
CVE-2017-12156
Moodle 3.x has XSS in the contact form on the "non-respondents" page in non-anonymous feedback.
CVE-2017-12156
Moodle 3.x has XSS in the contact form on the "non-respondents" page i ...
CVE-2016-9188
Cross-site scripting (XSS) vulnerabilities in Moodle CMS on or before 3.1.2 allow remote attackers to inject arbitrary web script or HTML via the s_additionalhtmlhead, s_additionalhtmltopofbody, and s_additionalhtmlfooter parameters.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| CVE-2017-2642 Moodle 3.x has user fullname disclosure on the user preferences page. | CVSS3: 6.5 | 0% Низкий | около 8 лет назад |
 | CVE-2017-2641 In Moodle 2.x and 3.x, SQL injection can occur via user preferences. | CVSS3: 9.8 | 2% Низкий | больше 8 лет назад |
 | CVE-2017-2641 In Moodle 2.x and 3.x, SQL injection can occur via user preferences. | CVSS3: 9.8 | 2% Низкий | больше 8 лет назад |
| CVE-2017-2641 In Moodle 2.x and 3.x, SQL injection can occur via user preferences. | CVSS3: 9.8 | 2% Низкий | больше 8 лет назад |
| CVE-2017-2578 In Moodle 3.x, there is XSS in the assignment submission page. | CVSS3: 6.1 | 0% Низкий | больше 8 лет назад |
| CVE-2017-2578 In Moodle 3.x, there is XSS in the assignment submission page. | CVSS3: 6.1 | 0% Низкий | больше 8 лет назад |
| CVE-2017-2578 In Moodle 3.x, there is XSS in the assignment submission page. | CVSS3: 6.1 | 0% Низкий | больше 8 лет назад |
| CVE-2017-2576 In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums. | CVSS3: 5.3 | 0% Низкий | больше 8 лет назад |
| CVE-2017-2576 In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums. | CVSS3: 5.3 | 0% Низкий | больше 8 лет назад |
| CVE-2017-2576 In Moodle 2.x and 3.x, there is incorrect sanitization of attributes i ... | CVSS3: 5.3 | 0% Низкий | больше 8 лет назад |
| CVE-2017-15110 In Moodle 3.x, students can find out email addresses of other students in the same course. Using search on the Participants page, students could search email addresses of all participants regardless of email visibility. This allows enumerating and guessing emails of other students. | CVSS3: 4.3 | 0% Низкий | почти 8 лет назад |
| CVE-2017-15110 In Moodle 3.x, students can find out email addresses of other students in the same course. Using search on the Participants page, students could search email addresses of all participants regardless of email visibility. This allows enumerating and guessing emails of other students. | CVSS3: 4.3 | 0% Низкий | почти 8 лет назад |
| CVE-2017-15110 In Moodle 3.x, students can find out email addresses of other students ... | CVSS3: 4.3 | 0% Низкий | почти 8 лет назад |
| CVE-2017-12157 In Moodle 3.x, various course reports allow teachers to view details about users in the groups they can't access. | CVSS3: 4.3 | 0% Низкий | почти 8 лет назад |
| CVE-2017-12157 In Moodle 3.x, various course reports allow teachers to view details about users in the groups they can't access. | CVSS3: 4.3 | 0% Низкий | почти 8 лет назад |
| CVE-2017-12157 In Moodle 3.x, various course reports allow teachers to view details a ... | CVSS3: 4.3 | 0% Низкий | почти 8 лет назад |
| CVE-2017-12156 Moodle 3.x has XSS in the contact form on the "non-respondents" page in non-anonymous feedback. | CVSS3: 6.1 | 0% Низкий | почти 8 лет назад |
| CVE-2017-12156 Moodle 3.x has XSS in the contact form on the "non-respondents" page in non-anonymous feedback. | CVSS3: 6.1 | 0% Низкий | почти 8 лет назад |
| CVE-2017-12156 Moodle 3.x has XSS in the contact form on the "non-respondents" page i ... | CVSS3: 6.1 | 0% Низкий | почти 8 лет назад |
| CVE-2016-9188 Cross-site scripting (XSS) vulnerabilities in Moodle CMS on or before 3.1.2 allow remote attackers to inject arbitrary web script or HTML via the s_additionalhtmlhead, s_additionalhtmltopofbody, and s_additionalhtmlfooter parameters. | CVSS3: 6.1 | 0% Низкий | почти 9 лет назад |
Уязвимостей на страницу