exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2018-14630

почти 7 лет назад

moodle before versions 3.5.2, 3.4.5, 3.3.8, 3.1.14 is vulnerable to an XML import of ddwtos could lead to intentional remote code execution. When importing legacy 'drag and drop into text' (ddwtos) type quiz questions, it was possible to inject and execute PHP code from within the imported questions, either intentionally or by importing questions from an untrusted source.

CVSS3: 8.8

EPSS: Низкий

CVE-2018-14630

почти 7 лет назад

moodle before versions 3.5.2, 3.4.5, 3.3.8, 3.1.14 is vulnerable to an XML import of ddwtos could lead to intentional remote code execution. When importing legacy 'drag and drop into text' (ddwtos) type quiz questions, it was possible to inject and execute PHP code from within the imported questions, either intentionally or by importing questions from an untrusted source.

CVSS3: 8.8

EPSS: Низкий

CVE-2018-14630

почти 7 лет назад

moodle before versions 3.5.2, 3.4.5, 3.3.8, 3.1.14 is vulnerable to an ...

CVSS3: 8.8

EPSS: Низкий

GHSA-c3pr-h96w-2jjg

около 3 лет назад

Moodle XML import of ddwtos could lead to intentional remote code execution

CVSS3: 8.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2018-14630 moodle before versions 3.5.2, 3.4.5, 3.3.8, 3.1.14 is vulnerable to an XML import of ddwtos could lead to intentional remote code execution. When importing legacy 'drag and drop into text' (ddwtos) type quiz questions, it was possible to inject and execute PHP code from within the imported questions, either intentionally or by importing questions from an untrusted source.	CVSS3: 8.8	2% Низкий	почти 7 лет назад
CVE-2018-14630 moodle before versions 3.5.2, 3.4.5, 3.3.8, 3.1.14 is vulnerable to an XML import of ddwtos could lead to intentional remote code execution. When importing legacy 'drag and drop into text' (ddwtos) type quiz questions, it was possible to inject and execute PHP code from within the imported questions, either intentionally or by importing questions from an untrusted source.	CVSS3: 8.8	2% Низкий	почти 7 лет назад
CVE-2018-14630 moodle before versions 3.5.2, 3.4.5, 3.3.8, 3.1.14 is vulnerable to an ...	CVSS3: 8.8	2% Низкий	почти 7 лет назад
GHSA-c3pr-h96w-2jjg Moodle XML import of ddwtos could lead to intentional remote code execution	CVSS3: 8.8	2% Низкий	около 3 лет назад

Уязвимостей на страницу