Page 41 of 205 results (0.012 seconds)

CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0

Unknown vulnerability in Moodle before 1.3.3 has unknown impact and attack vectors, related to language setting. • http://moodle.org/doc/?file=releaseold.html http://www.osvdb.org/8090 •

CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0

Unknown vulnerability in Moodle before 1.3.4 has unknown impact and attack vectors, related to "strings in Moodle texts." • http://moodle.org/doc/?file=releaseold.html http://secunia.com/advisories/12262 http://www.osvdb.org/8522 •

CVSS: 5.0EPSS: 0%CPEs: 10EXPL: 1

Directory traversal vulnerability in file.php in Moodle 1.4.2 and earlier allows remote attackers to read arbitrary session files for known session IDs via a .. (dot dot) in the file parameter. • http://marc.info/?l=bugtraq&m=110425409614735&w=2 http://marc.info/?l=bugtraq&m=110444531816566&w=2 http://www.securityfocus.com/bid/12120 https://exchange.xforce.ibmcloud.com/vulnerabilities/18550 •

CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 2

Cross-site scripting (XSS) vulnerability in post.php in Moodle before 1.3 allows remote attackers to inject arbitrary web script or HTML via the reply parameter. • http://marc.info/?l=bugtraq&m=109182851216921&w=2 http://secunia.com/advisories/12262 http://www.securityfocus.com/bid/10884 https://exchange.xforce.ibmcloud.com/vulnerabilities/16924 •

CVSS: 6.8EPSS: 1%CPEs: 6EXPL: 2

Cross-site scripting (XSS) vulnerability in help.php in Moodle 1.3.2 and 1.4 dev allows remote attackers to inject arbitrary web script or HTML via the file parameter. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en help.php de Moodle 1.3.2 y 1.4 dev permite a atacantes remotos inyectar script web o HTML de su elección mediante el parámetro fichero. • https://www.exploit-db.com/exploits/24279 http://cvs.sourceforge.net/viewcvs.py/moodle/moodle/help.php http://marc.info/?l=bugtraq&m=108973588000027&w=2 http://www.securityfocus.com/bid/10718 https://exchange.xforce.ibmcloud.com/vulnerabilities/16684 •