CVE-2013-3630 – Moodle - Remote Command Execution
https://notcve.org/view.php?id=CVE-2013-3630
Moodle through 2.5.2 allows remote authenticated administrators to execute arbitrary programs by configuring the aspell pathname and then triggering a spell-check operation within the TinyMCE editor. Moodle a través de 2.5.2 permite a los administradores remotos autenticados ejecutar programas arbitrarios mediante la configuración de la ruta aspell y luego desencadenar una operación de corrección ortográfica en el editor TinyMCE. • https://www.exploit-db.com/exploits/29324 http://packetstormsecurity.com/files/164479/Moodle-Authenticated-Spelling-Binary-Remote-Code-Execution.html https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-foss-disclosures-part-one https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats https://www.rapid7.com/blog/post/2013/10/30/seven-tricks-and-treats • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2013-4313
https://notcve.org/view.php?id=CVE-2013-4313
Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2 does not prevent use of '\0' characters in query strings, which might allow remote attackers to conduct SQL injection attacks against Microsoft SQL Server via a crafted string. Moodle desde 2.2.11, 2.3.x anterior a 2.3.9, 2.4.x anterior a 2.4.6, y 2.5.x anterior a 2.5.2 no previene el uso de caracteres "\0" en cadenas de busqueda lo que podría permitir a atacantes remotos dirigir un ataque de inyección SQL contra Microsoft SQL Server a través de una cadena manipulada • http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-40676 https://moodle.org/mod/forum/discuss.php?d=238396 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2013-5674
https://notcve.org/view.php?id=CVE-2013-5674
badges/external.php in Moodle 2.5.x before 2.5.2 does not properly handle an object obtained by unserializing a description of an external badge, which allows remote attackers to conduct PHP object injection attacks via unspecified vectors, as demonstrated by overwriting the value of the userid parameter. badges/external.php en Moodle 2.5.x anteriores a 2.5.2 no maneja adecuadamente un objeto obtenido deserializando una descripción de badge externo, lo que permite a un atacante remoto realizar ataques de inyección de objeto en PHP a través de vectores no especificados, como fué demostrado sobreescribiendo el valor del parámetro userid. • http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-40924 https://moodle.org/mod/forum/discuss.php?d=238397 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2012-6087
https://notcve.org/view.php?id=CVE-2012-6087
repository/s3/S3.php in the Amazon S3 library in Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to an incorrect CURLOPT_SSL_VERIFYHOST value. repository/s3/S3.php en Amazon S3 library en Moodle de la 2.2.11, 2.3.x anterior a 2.3.9, 2.4.x anterior a 2.4.6, y 2.5.x anterior a 2.5.2, no verifica que el nombre de host coincida con el nombre de dominio en el Common Name (CN) o el campo subjectAltName del certificado X.509, lo que permite a atacantes "man-in-the-middle" suplantar a los servidores SSL a través de un certificado válido de su elección, relacionado con un valor incorrecto de CURLOPT_SSL_VERIFYHOST. • http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-40615 http://www.openwall.com/lists/oss-security/2013/01/03/1 https://moodle.org/mod/forum/discuss.php?d=238393 • CWE-20: Improper Input Validation •
CVE-2013-4341 – Moodle 2.3.8/2.4.5 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2013-4341
Multiple cross-site scripting (XSS) vulnerabilities in Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2 allow remote attackers to inject arbitrary web script or HTML via a crafted blog link within an RSS feed. Múltiples vulnerabilidades de XSS en Moodle de la versión 2.2.11, 2.3.x anterior a 2.3.9, 2.4.x anterior a 2.4.6, y 2.5.x anterior a 2.5.2, permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través de un enlace al blog dentro de un feed RSS. • https://www.exploit-db.com/exploits/28174 http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-41623 http://packetstormsecurity.com/files/164479/Moodle-Authenticated-Spelling-Binary-Remote-Code-Execution.html https://moodle.org/mod/forum/discuss.php?d=238399 https://www.rapid7.com/blog/post/2013/10/30/seven-tricks-and-treats • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •