Exposição de Moodle

LMS

70

score de exposição

13.690

sites usam

0

em exploração

7

críticos

CVEs

292 resultados

CVE-2012-1160—Moodle before 2.2.2 has a permission issue in Forum Subscriptions where unenrolled users can subscribe/unsubscribe via mod/forum/index.phpEPSS 1.2%CVE-2017-7489—In Moodle 2.x and 3.x, remote authenticated users can take ownership of arbitrary blogs by editing an external blog link.EPSS 1.2%CVE-2012-1157—Moodle before 2.2.2 has a default repository capabilities issue where all repositories are viewable by all users by defaultEPSS 1.2%CVE-2022-30597—A flaw was found in moodle where the description user field was not hidden when being set as a hidden user field.EPSS 1.2%CVE-2018-1135—An issue was discovered in Moodle 3.x. Students who posted on forums and exported the posts to portfolios can download any stored Moodle filEPSS 1.2%CVE-2016-8642—In Moodle 2.x and 3.x, the question engine allows access to files that should not be available.EPSS 1.2%CVE-2023-28329MEDIUMMoodle: authenticated sql injection via availability checkEPSS 1.2%CVE-2023-28330MEDIUMMoodle: authenticated arbitrary file read through malformed backup fileEPSS 1.2%CVE-2016-8644—In Moodle 2.x and 3.x, the capability to view course notes is checked in the wrong context.EPSS 1.2%CVE-2023-28333CRITICALMoodle: pix helper potential mustache code injection riskEPSS 1.2%CVE-2023-5546MEDIUMMoodle: stored xss in quiz grading report via user id numberEPSS 1.2%CVE-2017-15110—In Moodle 3.x, students can find out email addresses of other students in the same course. Using search on the Participants page, students cEPSS 1.2%CVE-2021-32478—The redirect URI in the LTI authorization endpoint required extra sanitizing to prevent reflected XSS and open redirect risks. Moodle versioEPSS 1.2%CVE-2023-30944MEDIUMMoodle: minor sql injection risk in external wiki method for listing pagesEPSS 1.1%CVE-2019-3808MEDIUMA flaw was found in Moodle versions 3.6 to 3.6.1, 3.5 to 3.5.3, 3.4 to 3.4.6, 3.1 to 3.1.15 and earlier unsupported versions. The 'manage grEPSS 1.1%CVE-2019-14881MEDIUMA vulnerability was found in moodle 3.7 before 3.7.3, where there is blind XSS reflected in some locations where user email is displayed.EPSS 1.1%CVE-2019-10186MEDIUMA flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. A sesskey (CSRF) token was not being utilised by the XML loading/unloading aEPSS 1.1%CVE-2019-14882LOWA vulnerability was found in Moodle 3.7 to 3.7.3, 3.6 to 3.6.7, 3.5 to 3.5.9 and earlier where an open redirect existed in the Lesson edit pEPSS 1.1%CVE-2019-14880MEDIUMA vulnerability was found in Moodle versions 3.7 before 3.7.3, 3.6 before 3.6.7, 3.5 before 3.5.9 and earlier. OAuth 2 providers who do not EPSS 1.1%CVE-2019-14883LOWA vulnerability was found in Moodle 3.6 before 3.6.7 and 3.7 before 3.7.3, where tokens used to fetch inline atachments in email notificatioEPSS 1.1%

← anteriorpágina 4 / 15próxima →

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →