exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 2 470

GHSA-86v9-gqh9-8268

около 3 лет назад

Moodle vulnerable to Cross-site Scripting

EPSS: Низкий

GHSA-853r-xfvj-j429

около 3 лет назад

SQL injection vulnerability in sql.php in the Glossary module in Moodle 1.4.1 and earlier allows remote attackers to modify SQL statements.

EPSS: Низкий

GHSA-7xv5-m4rh-f939

около 3 лет назад

Moodle 1.9.x before 1.9.18, 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to bypass the moodle/calendar:manageownentries capability requirement and add a calendar entry via a New Entry action.

EPSS: Низкий

GHSA-7x37-gppm-5c5h

около 3 лет назад

SQL injection vulnerability in blog/index.php in the blog module in Moodle 1.6.2 allows remote attackers to execute arbitrary SQL commands via a double-encoded tag parameter.

EPSS: Низкий

GHSA-7wmp-2xmx-g6h8

7 месяцев назад

Moodle authorization headers preserved between "emulated redirects"

CVSS3: 5.3

EPSS: Низкий

GHSA-7w7p-v23v-56qr

около 3 лет назад

SQL injection vulnerability in the SCORM module in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 allows remote authenticated users to execute arbitrary SQL commands via vectors related to an "escaping issue when processing AICC CRS file (Course_Title)."

EPSS: Низкий

GHSA-7q33-5wgv-9752

около 3 лет назад

The moodle_enrol_external:role_assign function in enrol/externallib.php in Moodle 2.0.x before 2.0.4 and 2.1.x before 2.1.1 does not have an authorization check, which allows remote authenticated users to gain privileges by making a role assignment.

EPSS: Низкий

GHSA-7prr-3mfr-r778

около 3 лет назад

The Portfolio plugin in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2.3.3 allows remote authenticated users to upload and execute files via a modified Portfolio API callback.

EPSS: Низкий

GHSA-7pjp-fm93-p6pj

больше 1 года назад

Cross-Site Request Forgery in moodle

CVSS3: 8.8

EPSS: Низкий

GHSA-7p9m-wjgf-7xr6

около 3 лет назад

Cross-site scripting (XSS) vulnerability in the print_object function in lib/datalib.php in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3, when a developer debugging script is enabled, allows remote attackers to inject arbitrary web script or HTML via vectors involving object states.

EPSS: Низкий

GHSA-7mfw-g8x4-rq2w

около 3 лет назад

Moodle XSS Vulnerability

CVSS3: 6.1

EPSS: Низкий

GHSA-7h8v-2v8x-h264

около 4 лет назад

SQL Injection in moodle

CVSS3: 6.5

EPSS: Низкий

GHSA-7ghm-fp7p-qvjq

около 3 лет назад

Moodle XSS Vulnerability

CVSS3: 6.1

EPSS: Низкий

GHSA-7cvw-wrj9-q5fp

около 3 лет назад

Moodle vulnerable to Cross-Site Request Forgery

EPSS: Низкий

GHSA-79w6-7hhc-89m9

около 3 лет назад

mod/wiki/pagelib.php in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 allows remote authenticated users to discover the username of a wiki creator by visiting the history and deletion user interface.

EPSS: Низкий

GHSA-79vx-7whj-rvvr

около 3 лет назад

Multiple cross-site request forgery (CSRF) vulnerabilities in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors.

EPSS: Низкий

GHSA-79jp-m64f-pgrc

больше 2 лет назад

Moodle Cross-site Scripting vulnerability

CVSS3: 5.4

EPSS: Низкий

GHSA-79h5-2hp9-w4p4

около 3 лет назад

Cross-site scripting (XSS) vulnerability in view.php in Moodle 1.4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter.

EPSS: Низкий

GHSA-78fm-qhh8-8858

больше 3 лет назад

Moodle reflected XSS

CVSS3: 6.1

EPSS: Низкий

GHSA-786g-xv8v-9h93

больше 2 лет назад

Moodle Cross-site Scripting vulnerability

CVSS3: 5.4

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
GHSA-86v9-gqh9-8268 Moodle vulnerable to Cross-site Scripting		0% Низкий	около 3 лет назад
GHSA-853r-xfvj-j429 SQL injection vulnerability in sql.php in the Glossary module in Moodle 1.4.1 and earlier allows remote attackers to modify SQL statements.		1% Низкий	около 3 лет назад
GHSA-7xv5-m4rh-f939 Moodle 1.9.x before 1.9.18, 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to bypass the moodle/calendar:manageownentries capability requirement and add a calendar entry via a New Entry action.		0% Низкий	около 3 лет назад
GHSA-7x37-gppm-5c5h SQL injection vulnerability in blog/index.php in the blog module in Moodle 1.6.2 allows remote attackers to execute arbitrary SQL commands via a double-encoded tag parameter.		2% Низкий	около 3 лет назад
GHSA-7wmp-2xmx-g6h8 Moodle authorization headers preserved between "emulated redirects"	CVSS3: 5.3	0% Низкий	7 месяцев назад
GHSA-7w7p-v23v-56qr SQL injection vulnerability in the SCORM module in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 allows remote authenticated users to execute arbitrary SQL commands via vectors related to an "escaping issue when processing AICC CRS file (Course_Title)."		1% Низкий	около 3 лет назад
GHSA-7q33-5wgv-9752 The moodle_enrol_external:role_assign function in enrol/externallib.php in Moodle 2.0.x before 2.0.4 and 2.1.x before 2.1.1 does not have an authorization check, which allows remote authenticated users to gain privileges by making a role assignment.		0% Низкий	около 3 лет назад
GHSA-7prr-3mfr-r778 The Portfolio plugin in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2.3.3 allows remote authenticated users to upload and execute files via a modified Portfolio API callback.		1% Низкий	около 3 лет назад
GHSA-7pjp-fm93-p6pj Cross-Site Request Forgery in moodle	CVSS3: 8.8	0% Низкий	больше 1 года назад
GHSA-7p9m-wjgf-7xr6 Cross-site scripting (XSS) vulnerability in the print_object function in lib/datalib.php in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3, when a developer debugging script is enabled, allows remote attackers to inject arbitrary web script or HTML via vectors involving object states.		0% Низкий	около 3 лет назад
GHSA-7mfw-g8x4-rq2w Moodle XSS Vulnerability	CVSS3: 6.1	0% Низкий	около 3 лет назад
GHSA-7h8v-2v8x-h264 SQL Injection in moodle	CVSS3: 6.5	1% Низкий	около 4 лет назад
GHSA-7ghm-fp7p-qvjq Moodle XSS Vulnerability	CVSS3: 6.1	0% Низкий	около 3 лет назад
GHSA-7cvw-wrj9-q5fp Moodle vulnerable to Cross-Site Request Forgery		0% Низкий	около 3 лет назад
GHSA-79w6-7hhc-89m9 mod/wiki/pagelib.php in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 allows remote authenticated users to discover the username of a wiki creator by visiting the history and deletion user interface.		0% Низкий	около 3 лет назад
GHSA-79vx-7whj-rvvr Multiple cross-site request forgery (CSRF) vulnerabilities in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors.		0% Низкий	около 3 лет назад
GHSA-79jp-m64f-pgrc Moodle Cross-site Scripting vulnerability	CVSS3: 5.4	1% Низкий	больше 2 лет назад
GHSA-79h5-2hp9-w4p4 Cross-site scripting (XSS) vulnerability in view.php in Moodle 1.4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter.		1% Низкий	около 3 лет назад
GHSA-78fm-qhh8-8858 Moodle reflected XSS	CVSS3: 6.1	3% Низкий	больше 3 лет назад
GHSA-786g-xv8v-9h93 Moodle Cross-site Scripting vulnerability	CVSS3: 5.4	1% Низкий	больше 2 лет назад

Уязвимостей на страницу