CVE-2004-1425
https://notcve.org/view.php?id=CVE-2004-1425
Directory traversal vulnerability in file.php in Moodle 1.4.2 and earlier allows remote attackers to read arbitrary session files for known session IDs via a .. (dot dot) in the file parameter. • http://marc.info/?l=bugtraq&m=110425409614735&w=2 http://marc.info/?l=bugtraq&m=110444531816566&w=2 http://www.securityfocus.com/bid/12120 https://exchange.xforce.ibmcloud.com/vulnerabilities/18550 •
CVE-2004-2235
https://notcve.org/view.php?id=CVE-2004-2235
Unknown vulnerability in Moodle before 1.2 has unknown impact and attack vectors, related to improper filtering of text. • http://moodle.org/doc/?file=releaseold.html http://www.osvdb.org/7711 •
CVE-2004-1711
https://notcve.org/view.php?id=CVE-2004-1711
Cross-site scripting (XSS) vulnerability in post.php in Moodle before 1.3 allows remote attackers to inject arbitrary web script or HTML via the reply parameter. • http://marc.info/?l=bugtraq&m=109182851216921&w=2 http://secunia.com/advisories/12262 http://www.securityfocus.com/bid/10884 https://exchange.xforce.ibmcloud.com/vulnerabilities/16924 •
CVE-2004-0725 – Moodle Help Script 1.x - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2004-0725
Cross-site scripting (XSS) vulnerability in help.php in Moodle 1.3.2 and 1.4 dev allows remote attackers to inject arbitrary web script or HTML via the file parameter. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en help.php de Moodle 1.3.2 y 1.4 dev permite a atacantes remotos inyectar script web o HTML de su elección mediante el parámetro fichero. • https://www.exploit-db.com/exploits/24279 http://cvs.sourceforge.net/viewcvs.py/moodle/moodle/help.php http://marc.info/?l=bugtraq&m=108973588000027&w=2 http://www.securityfocus.com/bid/10718 https://exchange.xforce.ibmcloud.com/vulnerabilities/16684 •
CVE-2004-1978 – Moodle 1.1/1.2 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2004-1978
Cross-site scripting (XSS) vulnerability in help.php in Moodle before 1.3 allows remote attackers to inject arbitrary HTML and web script via the text parameter. • https://www.exploit-db.com/exploits/24071 http://marc.info/?l=bugtraq&m=108335043825605&w=2 http://secunia.com/advisories/11535 http://securitytracker.com/id?1010008 http://www.osvdb.org/5747 http://www.securityfocus.com/bid/10251 https://exchange.xforce.ibmcloud.com/vulnerabilities/16023 •