CVSS: 5.8EPSS: 0%CPEs: 35EXPL: 0CVE-2015-3175
https://notcve.org/view.php?id=CVE-2015-3175
Multiple open redirect vulnerabilities in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving an error page that links to a URL from an HTTP Referer header. Múltiples vulnerabilidades de la redirección abierta en Moodle hasta 2.5.9, 2.6.x anterior a 2.6.11, 2.7.x anterior a 2.7.8, y 2.8.x anterior a 2.8.6 permiten a atacantes remotos redirigir usuarios hacia sitios web arbitrarios y realizar ataques de phishing a través de vectores que involucran una página de error que vincula a una URL de una cabecera HTTP Referer. • http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49179 http://openwall.com/lists/oss-security/2015/05/18/1 http://www.securityfocus.com/bid/74720 http://www.securitytracker.com/id/1032358 https://moodle.org/mod/forum/discuss.php?d=313682 •
CVSS: 4.0EPSS: 0%CPEs: 22EXPL: 0CVE-2015-0211
https://notcve.org/view.php?id=CVE-2015-0211
mod/lti/ajax.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 does not consider the moodle/course:manageactivities and mod/lti:addinstance capabilities before proceeding with registered-tool list searches, which allows remote authenticated users to obtain sensitive information via requests to the LTI Ajax service. mod/lti/ajax.php en Moodle hasta 2.5.9, 2.6.x anterior a 2.6.7, 2.7.x anterior a 2.7.4, y 2.8.x anterior a 2.8.2 no considera las capacidades moodle/course:manageactivities y mod/lti:addinstance antes de proceder con búsquedas de listas de herramientas registradas, lo que permite a usuarios remotos autenticados obtener información sensible a través de solicitudes al servicio LTI Ajax. • http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47920 http://openwall.com/lists/oss-security/2015/01/19/1 https://moodle.org/mod/forum/discuss.php?d=278611 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 3.5EPSS: 0%CPEs: 35EXPL: 0CVE-2015-3174
https://notcve.org/view.php?id=CVE-2015-3174
mod/quiz/db/access.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 does not set the RISK_XSS bit for graders, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks via crafted gradebook feedback during manual quiz grading. mod/quiz/db/access.php en Moodle hasta 2.5.9, 2.6.x anterior a 2.6.11, 2.7.x anterior a 2.7.8, y 2.8.x anterior a 2.8.6 no configura el bit RISK_XSS para graduadores, lo que permite a usuarios remotos autenticados realizar ataques de XSS a través de comentarios (feedback) manipulados del libro de notas durante la graduación manual de cuestionarios. • http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49941 http://openwall.com/lists/oss-security/2015/05/18/1 http://www.securityfocus.com/bid/74719 http://www.securitytracker.com/id/1032358 https://moodle.org/mod/forum/discuss.php?d=313681 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.0EPSS: 0%CPEs: 29EXPL: 0CVE-2015-2267
https://notcve.org/view.php?id=CVE-2015-2267
mdeploy.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows remote authenticated users to bypass intended access restrictions and extract archives to arbitrary directories via a crafted dataroot value. mdeploy.php en Moodle hasta 2.5.9, 2.6.x anterior a 2.6.9, 2.7.x anterior a 2.7.6, y 2.8.x anterior a 2.8.4 permite a usuarios remotos autenticados evadir las restricciones de acceso y extraer archivos a directorios arbitrarios a través de un valor dataroot manipulado. • http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49087 http://openwall.com/lists/oss-security/2015/03/16/1 https://moodle.org/mod/forum/discuss.php?d=307381 • CWE-284: Improper Access Control •
CVSS: 6.8EPSS: 0%CPEs: 27EXPL: 0CVE-2015-1493
https://notcve.org/view.php?id=CVE-2015-1493
Directory traversal vulnerability in the min_get_slash_argument function in lib/configonlylib.php in Moodle through 2.5.9, 2.6.x before 2.6.8, 2.7.x before 2.7.5, and 2.8.x before 2.8.3 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the file parameter, as demonstrated by reading PHP scripts. Vulnerabilidad de salto de directorio en la función min_get_slash_argument en lib/configonlylib.php en Moodle hasta 2.5.9, 2.6.x anterior a 2.6.8, 2.7.x anterior a 2.7.5, y 2.8.x anterior a 2.8.3 permite a usuarios remotos autenticados leer ficheros arbitrarios a través de un .. (punto punto) en el parámetro file, tal y como fue demostrado mediante la lectura de secuencias de comandos PHP. • http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=af9a7937cc085f96bdbc4724cadec6eeae0242fc http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48980 http://openwall.com/lists/oss-security/2015/02/04/15 http://openwall.com/lists/oss-security/2015/02/09/2 https://moodle.org/mod/forum/discuss.php?d=279956 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •