Количество 2 643
Количество 2 643
GHSA-97qf-pq7x-964m
Moodle Cross-site Scripting vulnerability
GHSA-9724-h8p7-r3jv
Moodle Cross-site Scripting vulnerability
GHSA-966m-m549-2878
Moodle is vulnerable to unauthorized new accounts creation
GHSA-95qp-qwjg-22x9
lib/setup.php in Moodle before 1.6.2 sets the error reporting level to 7 to display E_WARNING messages to users even if debugging is disabled, which might allow remote authenticated users to obtain sensitive information by triggering the messages.
GHSA-948f-j464-rfj2
Moodle may allow students to bypass sequential navigation during a quiz attempt
GHSA-93wh-35r4-6qmw
Moodle allowed some users without permission to view other users' full names
GHSA-93pj-4p65-qmr9
Insufficient user authorization in Moodle
GHSA-93gj-rg98-h7mm
Moodle XSS Vulnerability
GHSA-9328-7pcw-vw69
Cross-Site Request Forgery in Moodle
GHSA-92vh-mr2w-j2cr
Moodle Improper Authentication
GHSA-92q5-2h76-vgmj
moodle Improper Access Control
GHSA-8wf8-rc66-c638
Multiple cross-site scripting (XSS) vulnerabilities in Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2 allow remote attackers to inject arbitrary web script or HTML via a crafted blog link within an RSS feed.
GHSA-8vqr-8829-g4x5
lib/formslib.php in Moodle 2.1.x before 2.1.4 and 2.2.x before 2.2.1 does not properly handle multiple instances of a form element, which has unspecified impact and remote attack vectors.
GHSA-8vjj-wf73-w882
Moodle Incorrect Default Settings
GHSA-8v23-w4w5-w83c
Cross-Site Request Forgery in Moodle
GHSA-8rc7-4qfv-4484
Moodle does not properly restrict file access
GHSA-8r7x-qq55-74v2
Moodle does not enforce the forceloginforprofiles setting
GHSA-8qwh-4vwv-7c5m
Moodle Cross-site Scripting (XSS)
GHSA-8p86-57fx-w749
Moodle 2.2.x before 2.2.5 and 2.3.x before 2.3.2 allows remote authenticated users to bypass intended capability restrictions and perform certain topic changes by leveraging course-editing capabilities.
GHSA-8p2c-fgqv-ch4v
Multiple open redirect vulnerabilities in Moodle 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors related to (1) backup/backupfilesedit.php, (2) comment/comment_post.php, (3) course/switchrole.php, (4) mod/wiki/filesedit.php, (5) tag/coursetags_add.php, or (6) user/files.php.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-97qf-pq7x-964m Moodle Cross-site Scripting vulnerability | CVSS3: 6.1 | 0% Низкий | почти 3 года назад |
| GHSA-9724-h8p7-r3jv Moodle Cross-site Scripting vulnerability | CVSS3: 5.4 | 1% Низкий | около 2 лет назад |
| GHSA-966m-m549-2878 Moodle is vulnerable to unauthorized new accounts creation | 0% Низкий | больше 3 лет назад | |
| GHSA-95qp-qwjg-22x9 lib/setup.php in Moodle before 1.6.2 sets the error reporting level to 7 to display E_WARNING messages to users even if debugging is disabled, which might allow remote authenticated users to obtain sensitive information by triggering the messages. | 0% Низкий | больше 3 лет назад | |
| GHSA-948f-j464-rfj2 Moodle may allow students to bypass sequential navigation during a quiz attempt | CVSS3: 4.3 | 0% Низкий | больше 2 лет назад |
| GHSA-93wh-35r4-6qmw Moodle allowed some users without permission to view other users' full names | CVSS3: 5.3 | 0% Низкий | больше 4 лет назад |
| GHSA-93pj-4p65-qmr9 Insufficient user authorization in Moodle | CVSS3: 4.3 | 0% Низкий | почти 4 года назад |
| GHSA-93gj-rg98-h7mm Moodle XSS Vulnerability | CVSS3: 6.1 | 0% Низкий | больше 3 лет назад |
| GHSA-9328-7pcw-vw69 Cross-Site Request Forgery in Moodle | CVSS3: 6.5 | 0% Низкий | почти 4 года назад |
| GHSA-92vh-mr2w-j2cr Moodle Improper Authentication | CVSS3: 4.3 | 0% Низкий | около 3 лет назад |
| GHSA-92q5-2h76-vgmj moodle Improper Access Control | CVSS3: 4 | 0% Низкий | больше 3 лет назад |
| GHSA-8wf8-rc66-c638 Multiple cross-site scripting (XSS) vulnerabilities in Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2 allow remote attackers to inject arbitrary web script or HTML via a crafted blog link within an RSS feed. | 13% Средний | больше 3 лет назад | |
| GHSA-8vqr-8829-g4x5 lib/formslib.php in Moodle 2.1.x before 2.1.4 and 2.2.x before 2.2.1 does not properly handle multiple instances of a form element, which has unspecified impact and remote attack vectors. | 0% Низкий | больше 3 лет назад | |
| GHSA-8vjj-wf73-w882 Moodle Incorrect Default Settings | 0% Низкий | больше 3 лет назад | |
| GHSA-8v23-w4w5-w83c Cross-Site Request Forgery in Moodle | CVSS3: 5.4 | 0% Низкий | около 3 лет назад |
| GHSA-8rc7-4qfv-4484 Moodle does not properly restrict file access | 0% Низкий | больше 3 лет назад | |
| GHSA-8r7x-qq55-74v2 Moodle does not enforce the forceloginforprofiles setting | 0% Низкий | больше 3 лет назад | |
| GHSA-8qwh-4vwv-7c5m Moodle Cross-site Scripting (XSS) | CVSS3: 4.3 | 0% Низкий | больше 1 года назад |
| GHSA-8p86-57fx-w749 Moodle 2.2.x before 2.2.5 and 2.3.x before 2.3.2 allows remote authenticated users to bypass intended capability restrictions and perform certain topic changes by leveraging course-editing capabilities. | 0% Низкий | больше 3 лет назад | |
| GHSA-8p2c-fgqv-ch4v Multiple open redirect vulnerabilities in Moodle 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors related to (1) backup/backupfilesedit.php, (2) comment/comment_post.php, (3) course/switchrole.php, (4) mod/wiki/filesedit.php, (5) tag/coursetags_add.php, or (6) user/files.php. | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу