exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 2 470

CVE-2015-5342

больше 9 лет назад

The choice module in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 allows remote authenticated users to bypass intended access restrictions by visiting a URL to add or delete responses in the closed state.

CVSS3: 4.3

EPSS: Низкий

CVE-2015-5342

больше 9 лет назад

The choice module in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x ...

CVSS3: 4.3

EPSS: Низкий

CVE-2015-5341

больше 9 лет назад

mod_scorm in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 mishandles availability dates, which allows remote authenticated users to bypass intended access restrictions and read SCORM contents via unspecified vectors.

CVSS3: 4.3

EPSS: Низкий

CVE-2015-5341

больше 9 лет назад

CVSS3: 4.3

EPSS: Низкий

CVE-2015-5341

больше 9 лет назад

mod_scorm in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before ...

CVSS3: 4.3

EPSS: Низкий

CVE-2015-5340

больше 9 лет назад

Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 does not consider the moodle/badges:viewbadges capability, which allows remote authenticated users to obtain sensitive badge information via a request involving (1) badges/overview.php or (2) badges/view.php.

CVSS3: 4.3

EPSS: Низкий

CVE-2015-5340

больше 9 лет назад

CVSS3: 4.3

EPSS: Низкий

CVE-2015-5340

больше 9 лет назад

Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2. ...

CVSS3: 4.3

EPSS: Низкий

CVE-2015-5339

больше 9 лет назад

The core_enrol_get_enrolled_users web service in enrol/externallib.php in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 does not properly implement group-based access restrictions, which allows remote authenticated users to obtain sensitive course-participant information via a web-service request.

CVSS3: 4.3

EPSS: Низкий

CVE-2015-5339

больше 9 лет назад

CVSS3: 4.3

EPSS: Низкий

CVE-2015-5339

больше 9 лет назад

The core_enrol_get_enrolled_users web service in enrol/externallib.php ...

CVSS3: 4.3

EPSS: Низкий

CVE-2015-5338

больше 9 лет назад

Multiple cross-site request forgery (CSRF) vulnerabilities in the lesson module in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 allow remote attackers to hijack the authentication of arbitrary users for requests to (1) mod/lesson/mediafile.php or (2) mod/lesson/view.php.

CVSS3: 8.8

EPSS: Низкий

CVE-2015-5338

больше 9 лет назад

CVSS3: 8.8

EPSS: Низкий

CVE-2015-5338

больше 9 лет назад

Multiple cross-site request forgery (CSRF) vulnerabilities in the less ...

CVSS3: 8.8

EPSS: Низкий

CVE-2015-5337

больше 9 лет назад

Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 does not properly restrict the availability of Flowplayer, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted .swf file.

CVSS3: 6.1

EPSS: Низкий

CVE-2015-5337

больше 9 лет назад

CVSS3: 6.1

EPSS: Низкий

CVE-2015-5337

больше 9 лет назад

Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2. ...

CVSS3: 6.1

EPSS: Низкий

CVE-2015-5336

больше 9 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the survey module in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 allow remote authenticated users to inject arbitrary web script or HTML by leveraging the student role and entering a crafted survey answer.

CVSS3: 5.4

EPSS: Низкий

CVE-2015-5336

больше 9 лет назад

CVSS3: 5.4

EPSS: Низкий

CVE-2015-5336

больше 9 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the survey modu ...

CVSS3: 5.4

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2015-5342 The choice module in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 allows remote authenticated users to bypass intended access restrictions by visiting a URL to add or delete responses in the closed state.	CVSS3: 4.3	0% Низкий	больше 9 лет назад
CVE-2015-5342 The choice module in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x ...	CVSS3: 4.3	0% Низкий	больше 9 лет назад
CVE-2015-5341 mod_scorm in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 mishandles availability dates, which allows remote authenticated users to bypass intended access restrictions and read SCORM contents via unspecified vectors.	CVSS3: 4.3	0% Низкий	больше 9 лет назад
CVE-2015-5341 mod_scorm in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 mishandles availability dates, which allows remote authenticated users to bypass intended access restrictions and read SCORM contents via unspecified vectors.	CVSS3: 4.3	0% Низкий	больше 9 лет назад
CVE-2015-5341 mod_scorm in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before ...	CVSS3: 4.3	0% Низкий	больше 9 лет назад
CVE-2015-5340 Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 does not consider the moodle/badges:viewbadges capability, which allows remote authenticated users to obtain sensitive badge information via a request involving (1) badges/overview.php or (2) badges/view.php.	CVSS3: 4.3	0% Низкий	больше 9 лет назад
CVE-2015-5340 Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 does not consider the moodle/badges:viewbadges capability, which allows remote authenticated users to obtain sensitive badge information via a request involving (1) badges/overview.php or (2) badges/view.php.	CVSS3: 4.3	0% Низкий	больше 9 лет назад
CVE-2015-5340 Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2. ...	CVSS3: 4.3	0% Низкий	больше 9 лет назад
CVE-2015-5339 The core_enrol_get_enrolled_users web service in enrol/externallib.php in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 does not properly implement group-based access restrictions, which allows remote authenticated users to obtain sensitive course-participant information via a web-service request.	CVSS3: 4.3	0% Низкий	больше 9 лет назад
CVE-2015-5339 The core_enrol_get_enrolled_users web service in enrol/externallib.php in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 does not properly implement group-based access restrictions, which allows remote authenticated users to obtain sensitive course-participant information via a web-service request.	CVSS3: 4.3	0% Низкий	больше 9 лет назад
CVE-2015-5339 The core_enrol_get_enrolled_users web service in enrol/externallib.php ...	CVSS3: 4.3	0% Низкий	больше 9 лет назад
CVE-2015-5338 Multiple cross-site request forgery (CSRF) vulnerabilities in the lesson module in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 allow remote attackers to hijack the authentication of arbitrary users for requests to (1) mod/lesson/mediafile.php or (2) mod/lesson/view.php.	CVSS3: 8.8	0% Низкий	больше 9 лет назад
CVE-2015-5338 Multiple cross-site request forgery (CSRF) vulnerabilities in the lesson module in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 allow remote attackers to hijack the authentication of arbitrary users for requests to (1) mod/lesson/mediafile.php or (2) mod/lesson/view.php.	CVSS3: 8.8	0% Низкий	больше 9 лет назад
CVE-2015-5338 Multiple cross-site request forgery (CSRF) vulnerabilities in the less ...	CVSS3: 8.8	0% Низкий	больше 9 лет назад
CVE-2015-5337 Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 does not properly restrict the availability of Flowplayer, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted .swf file.	CVSS3: 6.1	0% Низкий	больше 9 лет назад
CVE-2015-5337 Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 does not properly restrict the availability of Flowplayer, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted .swf file.	CVSS3: 6.1	0% Низкий	больше 9 лет назад
CVE-2015-5337 Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2. ...	CVSS3: 6.1	0% Низкий	больше 9 лет назад
CVE-2015-5336 Multiple cross-site scripting (XSS) vulnerabilities in the survey module in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 allow remote authenticated users to inject arbitrary web script or HTML by leveraging the student role and entering a crafted survey answer.	CVSS3: 5.4	0% Низкий	больше 9 лет назад
CVE-2015-5336 Multiple cross-site scripting (XSS) vulnerabilities in the survey module in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 allow remote authenticated users to inject arbitrary web script or HTML by leveraging the student role and entering a crafted survey answer.	CVSS3: 5.4	0% Низкий	больше 9 лет назад
CVE-2015-5336 Multiple cross-site scripting (XSS) vulnerabilities in the survey modu ...	CVSS3: 5.4	0% Низкий	больше 9 лет назад

Уязвимостей на страницу