Page 25 of 200 results (0.015 seconds)

CVSS: 6.8EPSS: 0%CPEs: 27EXPL: 0

Directory traversal vulnerability in the min_get_slash_argument function in lib/configonlylib.php in Moodle through 2.5.9, 2.6.x before 2.6.8, 2.7.x before 2.7.5, and 2.8.x before 2.8.3 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the file parameter, as demonstrated by reading PHP scripts. Vulnerabilidad de salto de directorio en la función min_get_slash_argument en lib/configonlylib.php en Moodle hasta 2.5.9, 2.6.x anterior a 2.6.8, 2.7.x anterior a 2.7.5, y 2.8.x anterior a 2.8.3 permite a usuarios remotos autenticados leer ficheros arbitrarios a través de un .. (punto punto) en el parámetro file, tal y como fue demostrado mediante la lectura de secuencias de comandos PHP. • http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=af9a7937cc085f96bdbc4724cadec6eeae0242fc http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48980 http://openwall.com/lists/oss-security/2015/02/04/15 http://openwall.com/lists/oss-security/2015/02/09/2 https://moodle.org/mod/forum/discuss.php?d=279956 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 4.0EPSS: 0%CPEs: 35EXPL: 0

files/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 does not consider the moodle/user:manageownfiles capability before approving a private-file upload, which allows remote authenticated users to bypass intended file-management restrictions by using web services to perform uploads after this capability has been revoked. files/externallib.php en Moodle hasta 2.5.9, 2.6.x anterior a 2.6.11, 2.7.x anterior a 2.7.8, y 2.8.x anterior a 2.8.6 no considera la capacidad moodle/user:manageownfiles antes de aprobar una subida de ficheros privados, lo que permite a usuarios remotoa autenticados evadir las restricciones de la gestión de ficheros mediante el uso de servicios web para realizar subidas después de que esta capacidad haya sido revocada. • http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49994 http://openwall.com/lists/oss-security/2015/05/18/1 http://www.securityfocus.com/bid/74728 http://www.securitytracker.com/id/1032358 https://moodle.org/mod/forum/discuss.php?d=313688 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 3.5EPSS: 0%CPEs: 35EXPL: 0

login/confirm.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote authenticated users to bypass intended login restrictions by leveraging access to an unconfirmed suspended account. login/confirm.php en Moodle hasta 2.5.9, 2.6.x anterior a 2.6.11, 2.7.x anterior a 2.7.8, y 2.8.x anterior a 2.8.6 permite a usuarios remotos autenticados evadir las restricciones de inicio de sesión mediante el aprovechamiento del acceso a una cuenta suspendida no confirmada. • http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50090 http://openwall.com/lists/oss-security/2015/05/18/1 http://www.securityfocus.com/bid/74725 http://www.securitytracker.com/id/1032358 https://moodle.org/mod/forum/discuss.php?d=313686 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 3.5EPSS: 0%CPEs: 29EXPL: 1

Multiple cross-site scripting (XSS) vulnerabilities in lib/javascript-static.js in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allow remote authenticated users to inject arbitrary web script or HTML via a (1) alt or (2) title attribute in an IMG element. Múltiples vulnerabilidades de XSS en lib/javascript-static.js en Moodle hasta 2.5.9, 2.6.x anterior a 2.6.9, 2.7.x anterior a 2.7.6, y 2.8.x anterior a 2.8.4 permiten a usuarios remotos autenticados inyectar secuencias de comandos web arbitrarios o HTML a través de un atributo (1) alt o (2) title en un elemento IMG. Moodle suffers from persistent cross site scripting vulnerabilities. Input passed to the POST parameters 'config_title' and 'title' thru index.php, are not properly sanitized allowing the attacker to execute HTML or JS code into user's browser session on the affected site. Affected components: Blocks, Glossary, RSS and Tags. • https://www.exploit-db.com/exploits/36418 http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49144 http://openwall.com/lists/oss-security/2015/03/16/1 https://moodle.org/mod/forum/discuss.php?d=307383 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 2.1EPSS: 0%CPEs: 19EXPL: 0

webservice/upload.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3 does not ensure that a file upload is for a private or draft area, which allows remote authenticated users to upload files containing JavaScript, and consequently conduct cross-site scripting (XSS) attacks, by specifying the profile-picture area. webservice/upload.php en Moodle 2.6.x anterior a 2.6.6 y 2.7.x anterior a 2.7.3 no asegura que una subida de ficheros es para una área privada o de borrador, lo que permite a usuarios remotos autenticados subir ficheros que contienen JavaScript, y como consecuencia realizar ataques de XSS, al especificar la área de la imagen de perfil. • http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47868 http://openwall.com/lists/oss-security/2014/11/17/11 http://www.securitytracker.com/id/1031215 https://moodle.org/mod/forum/discuss.php?d=275161 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •