Количество 2 470
Количество 2 470
GHSA-58r8-934v-x9pp
Unknown vulnerability in Moodle before 1.2 allows teachers to log in as administrators.
GHSA-58fm-v4pr-jh8p
Moodle Unrestricted file upload vulnerability
GHSA-5729-822w-j342
Moodle cross-site scripting (XSS) vulnerability
GHSA-56r9-72vx-q989
Moodle arbitrary file read vulnerability
GHSA-565r-cwvm-gv9r
mod/data/preset.php in Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 does not properly iterate through an array, which allows remote authenticated users to overwrite arbitrary database activity presets via unspecified vectors.
GHSA-5659-g9p4-354f
Moodle allows attackers to bypass a forced-password-change requirement
GHSA-557f-2hv4-7jjm
Moodle does not verify group permissions
GHSA-54r2-r67g-fr9m
Moodle User fullname disclosure on user preferences page
GHSA-5488-2xmq-hwfh
Moodle 2.0.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by webservice/xmlrpc/locallib.php and certain other files.
GHSA-5282-96ff-xx3h
Moodle sensitive information disclosure
GHSA-4xjc-8h53-m2ww
calendar/managesubscriptions.php in Moodle 2.4.x before 2.4.2 does not consider capability requirements before displaying calendar subscriptions, which allows remote authenticated users to obtain potentially sensitive information by leveraging the student role.
GHSA-4wvg-7886-83gv
Moodle cross-site request forgery (CSRF) vulnerability
GHSA-4w8m-96v9-2c86
Moodle CRLF Injection Vulnerability in Calendar Component
GHSA-4w4j-9533-82qg
Moodle Cross-site Scripting (XSS)
GHSA-4vfx-5fp5-jh6f
Cross-site scripting (XSS) vulnerability in mod/forum/discuss.php in Moodle 1.6.1 allows remote attackers to inject arbitrary web script or HTML via the navtail parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
GHSA-4rmj-w58m-fvch
Moodle vulnerable to Server-Side Request Forgery
GHSA-4r9p-m9h5-r8vm
Multiple cross-site scripting (XSS) vulnerabilities in Moodle 1.6.1 and earlier might allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) doc/index.php or (2) files/index.php.
GHSA-4r4x-49qh-hfgv
Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 displays web service tokens associated with (1) disabled services and (2) users who no longer have authorization, which allows remote authenticated users to have an unspecified impact by reading these tokens.
GHSA-4r2p-wpv5-683w
Moodle XSS Vulnerability
GHSA-4qxc-qxrp-33cw
Moodle denial-of-service risk in the draft files area
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-58r8-934v-x9pp Unknown vulnerability in Moodle before 1.2 allows teachers to log in as administrators. | 0% Низкий | около 3 лет назад | |
| GHSA-58fm-v4pr-jh8p Moodle Unrestricted file upload vulnerability | CVSS3: 8.8 | 4% Низкий | около 3 лет назад |
| GHSA-5729-822w-j342 Moodle cross-site scripting (XSS) vulnerability | CVSS3: 5.4 | 0% Низкий | около 3 лет назад |
| GHSA-56r9-72vx-q989 Moodle arbitrary file read vulnerability | CVSS3: 6.5 | 0% Низкий | больше 2 лет назад |
| GHSA-565r-cwvm-gv9r mod/data/preset.php in Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 does not properly iterate through an array, which allows remote authenticated users to overwrite arbitrary database activity presets via unspecified vectors. | 0% Низкий | около 3 лет назад | |
| GHSA-5659-g9p4-354f Moodle allows attackers to bypass a forced-password-change requirement | 0% Низкий | около 3 лет назад | |
| GHSA-557f-2hv4-7jjm Moodle does not verify group permissions | 0% Низкий | около 3 лет назад | |
| GHSA-54r2-r67g-fr9m Moodle User fullname disclosure on user preferences page | CVSS3: 6.5 | 0% Низкий | около 3 лет назад |
| GHSA-5488-2xmq-hwfh Moodle 2.0.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by webservice/xmlrpc/locallib.php and certain other files. | 0% Низкий | около 3 лет назад | |
| GHSA-5282-96ff-xx3h Moodle sensitive information disclosure | CVSS3: 4.3 | 0% Низкий | около 3 лет назад |
| GHSA-4xjc-8h53-m2ww calendar/managesubscriptions.php in Moodle 2.4.x before 2.4.2 does not consider capability requirements before displaying calendar subscriptions, which allows remote authenticated users to obtain potentially sensitive information by leveraging the student role. | 0% Низкий | около 3 лет назад | |
| GHSA-4wvg-7886-83gv Moodle cross-site request forgery (CSRF) vulnerability | 0% Низкий | около 3 лет назад | |
| GHSA-4w8m-96v9-2c86 Moodle CRLF Injection Vulnerability in Calendar Component | 0% Низкий | около 3 лет назад | |
| GHSA-4w4j-9533-82qg Moodle Cross-site Scripting (XSS) | CVSS3: 6.1 | 0% Низкий | около 3 лет назад |
| GHSA-4vfx-5fp5-jh6f Cross-site scripting (XSS) vulnerability in mod/forum/discuss.php in Moodle 1.6.1 allows remote attackers to inject arbitrary web script or HTML via the navtail parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | 0% Низкий | около 3 лет назад | |
| GHSA-4rmj-w58m-fvch Moodle vulnerable to Server-Side Request Forgery | CVSS3: 7.5 | 1% Низкий | больше 2 лет назад |
| GHSA-4r9p-m9h5-r8vm Multiple cross-site scripting (XSS) vulnerabilities in Moodle 1.6.1 and earlier might allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) doc/index.php or (2) files/index.php. | 0% Низкий | около 3 лет назад | |
| GHSA-4r4x-49qh-hfgv Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 displays web service tokens associated with (1) disabled services and (2) users who no longer have authorization, which allows remote authenticated users to have an unspecified impact by reading these tokens. | 0% Низкий | около 3 лет назад | |
| GHSA-4r2p-wpv5-683w Moodle XSS Vulnerability | CVSS3: 5.4 | 0% Низкий | около 3 лет назад |
| GHSA-4qxc-qxrp-33cw Moodle denial-of-service risk in the draft files area | CVSS3: 7.5 | 1% Низкий | больше 3 лет назад |
Уязвимостей на страницу