Количество 2 647
Количество 2 647
CVE-2022-45152
A blind Server-Side Request Forgery (SSRF) vulnerability was found in ...
CVE-2022-40316
The H5P activity attempts report did not filter by groups, which in separate groups mode could reveal information to non-editing teachers about attempts/users in groups they should not have access to.
CVE-2022-40316
The H5P activity attempts report did not filter by groups, which in separate groups mode could reveal information to non-editing teachers about attempts/users in groups they should not have access to.
CVE-2022-40316
The H5P activity attempts report did not filter by groups, which in se ...
CVE-2022-40315
A limited SQL injection risk was identified in the "browse list of users" site administration page.
CVE-2022-40315
A limited SQL injection risk was identified in the "browse list of users" site administration page.
CVE-2022-40315
A limited SQL injection risk was identified in the "browse list of use ...
CVE-2022-40313
Recursive rendering of Mustache template helpers containing user input could, in some cases, result in an XSS risk or a page failing to load.
CVE-2022-40313
Recursive rendering of Mustache template helpers containing user input could, in some cases, result in an XSS risk or a page failing to load.
CVE-2022-40313
Recursive rendering of Mustache template helpers containing user input ...
CVE-2022-0983
An SQL injection risk was identified in Badges code relating to configuring criteria. Access to the relevant capability was limited to teachers and managers by default.
CVE-2022-0983
An SQL injection risk was identified in Badges code relating to configuring criteria. Access to the relevant capability was limited to teachers and managers by default.
CVE-2022-0983
An SQL injection risk was identified in Badges code relating to config ...
CVE-2021-43560
A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. Insufficient capability checks made it possible to fetch other users' calendar action events.
CVE-2021-43560
A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. Insufficient capability checks made it possible to fetch other users' calendar action events.
CVE-2021-43560
A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, ...
CVE-2021-43559
A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. The "delete related badge" functionality did not include the necessary token check to prevent a CSRF risk.
CVE-2021-43559
A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. The "delete related badge" functionality did not include the necessary token check to prevent a CSRF risk.
CVE-2021-43559
A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, ...
CVE-2021-43558
A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. A URL parameter in the filetype site administrator tool required extra sanitizing to prevent a reflected XSS risk.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| CVE-2022-45152 A blind Server-Side Request Forgery (SSRF) vulnerability was found in ... | CVSS3: 9.1 | 0% Низкий | около 3 лет назад |
 | CVE-2022-40316 The H5P activity attempts report did not filter by groups, which in separate groups mode could reveal information to non-editing teachers about attempts/users in groups they should not have access to. | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
 | CVE-2022-40316 The H5P activity attempts report did not filter by groups, which in separate groups mode could reveal information to non-editing teachers about attempts/users in groups they should not have access to. | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
| CVE-2022-40316 The H5P activity attempts report did not filter by groups, which in se ... | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
| CVE-2022-40315 A limited SQL injection risk was identified in the "browse list of users" site administration page. | CVSS3: 9.8 | 0% Низкий | больше 3 лет назад |
| CVE-2022-40315 A limited SQL injection risk was identified in the "browse list of users" site administration page. | CVSS3: 9.8 | 0% Низкий | больше 3 лет назад |
| CVE-2022-40315 A limited SQL injection risk was identified in the "browse list of use ... | CVSS3: 9.8 | 0% Низкий | больше 3 лет назад |
| CVE-2022-40313 Recursive rendering of Mustache template helpers containing user input could, in some cases, result in an XSS risk or a page failing to load. | CVSS3: 7.1 | 0% Низкий | больше 3 лет назад |
| CVE-2022-40313 Recursive rendering of Mustache template helpers containing user input could, in some cases, result in an XSS risk or a page failing to load. | CVSS3: 7.1 | 0% Низкий | больше 3 лет назад |
| CVE-2022-40313 Recursive rendering of Mustache template helpers containing user input ... | CVSS3: 7.1 | 0% Низкий | больше 3 лет назад |
| CVE-2022-0983 An SQL injection risk was identified in Badges code relating to configuring criteria. Access to the relevant capability was limited to teachers and managers by default. | CVSS3: 8.8 | 0% Низкий | почти 4 года назад |
| CVE-2022-0983 An SQL injection risk was identified in Badges code relating to configuring criteria. Access to the relevant capability was limited to teachers and managers by default. | CVSS3: 8.8 | 0% Низкий | почти 4 года назад |
| CVE-2022-0983 An SQL injection risk was identified in Badges code relating to config ... | CVSS3: 8.8 | 0% Низкий | почти 4 года назад |
| CVE-2021-43560 A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. Insufficient capability checks made it possible to fetch other users' calendar action events. | CVSS3: 5.3 | 0% Низкий | около 4 лет назад |
| CVE-2021-43560 A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. Insufficient capability checks made it possible to fetch other users' calendar action events. | CVSS3: 5.3 | 0% Низкий | около 4 лет назад |
| CVE-2021-43560 A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, ... | CVSS3: 5.3 | 0% Низкий | около 4 лет назад |
| CVE-2021-43559 A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. The "delete related badge" functionality did not include the necessary token check to prevent a CSRF risk. | CVSS3: 8.8 | 0% Низкий | около 4 лет назад |
| CVE-2021-43559 A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. The "delete related badge" functionality did not include the necessary token check to prevent a CSRF risk. | CVSS3: 8.8 | 0% Низкий | около 4 лет назад |
| CVE-2021-43559 A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, ... | CVSS3: 8.8 | 0% Низкий | около 4 лет назад |
| CVE-2021-43558 A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. A URL parameter in the filetype site administrator tool required extra sanitizing to prevent a reflected XSS risk. | CVSS3: 6.1 | 0% Низкий | около 4 лет назад |
Уязвимостей на страницу