Количество 4
Количество 4
CVE-2006-4943
course/jumpto.php in Moodle before 1.6.2 does not validate the session key (sesskey) before providing content from arbitrary local URIs, which allows remote attackers to obtain sensitive information via the jump parameter.
CVE-2006-4943
course/jumpto.php in Moodle before 1.6.2 does not validate the session key (sesskey) before providing content from arbitrary local URIs, which allows remote attackers to obtain sensitive information via the jump parameter.
CVE-2006-4943
course/jumpto.php in Moodle before 1.6.2 does not validate the session ...
GHSA-73q4-xm6m-m55x
course/jumpto.php in Moodle before 1.6.2 does not validate the session key (sesskey) before providing content from arbitrary local URIs, which allows remote attackers to obtain sensitive information via the jump parameter.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2006-4943 course/jumpto.php in Moodle before 1.6.2 does not validate the session key (sesskey) before providing content from arbitrary local URIs, which allows remote attackers to obtain sensitive information via the jump parameter. | CVSS2: 5 | 0% Низкий | больше 18 лет назад |
 | CVE-2006-4943 course/jumpto.php in Moodle before 1.6.2 does not validate the session key (sesskey) before providing content from arbitrary local URIs, which allows remote attackers to obtain sensitive information via the jump parameter. | CVSS2: 5 | 0% Низкий | больше 18 лет назад |
| CVE-2006-4943 course/jumpto.php in Moodle before 1.6.2 does not validate the session ... | CVSS2: 5 | 0% Низкий | больше 18 лет назад |
| GHSA-73q4-xm6m-m55x course/jumpto.php in Moodle before 1.6.2 does not validate the session key (sesskey) before providing content from arbitrary local URIs, which allows remote attackers to obtain sensitive information via the jump parameter. | 0% Низкий | около 3 лет назад |
Уязвимостей на страницу