CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 1CVE-2004-1424
https://notcve.org/view.php?id=CVE-2004-1424
Cross-site scripting (XSS) vulnerability in view.php in Moodle 1.4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter. • http://marc.info/?l=bugtraq&m=110425409614735&w=2 http://marc.info/?l=bugtraq&m=110444531816566&w=2 http://secunia.com/advisories/13694 http://www.securityfocus.com/bid/12120 https://exchange.xforce.ibmcloud.com/vulnerabilities/18702 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0CVE-2004-2237
https://notcve.org/view.php?id=CVE-2004-2237
Unknown vulnerability in Moodle before 1.3.4 has unknown impact and attack vectors, related to "strings in Moodle texts." • http://moodle.org/doc/?file=releaseold.html http://secunia.com/advisories/12262 http://www.osvdb.org/8522 •
CVSS: 5.0EPSS: 0%CPEs: 10EXPL: 1CVE-2004-1425
https://notcve.org/view.php?id=CVE-2004-1425
Directory traversal vulnerability in file.php in Moodle 1.4.2 and earlier allows remote attackers to read arbitrary session files for known session IDs via a .. (dot dot) in the file parameter. • http://marc.info/?l=bugtraq&m=110425409614735&w=2 http://marc.info/?l=bugtraq&m=110444531816566&w=2 http://www.securityfocus.com/bid/12120 https://exchange.xforce.ibmcloud.com/vulnerabilities/18550 •
CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 2CVE-2004-1711
https://notcve.org/view.php?id=CVE-2004-1711
Cross-site scripting (XSS) vulnerability in post.php in Moodle before 1.3 allows remote attackers to inject arbitrary web script or HTML via the reply parameter. • http://marc.info/?l=bugtraq&m=109182851216921&w=2 http://secunia.com/advisories/12262 http://www.securityfocus.com/bid/10884 https://exchange.xforce.ibmcloud.com/vulnerabilities/16924 •
CVSS: 6.8EPSS: 1%CPEs: 6EXPL: 2CVE-2004-0725 – Moodle Help Script 1.x - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2004-0725
Cross-site scripting (XSS) vulnerability in help.php in Moodle 1.3.2 and 1.4 dev allows remote attackers to inject arbitrary web script or HTML via the file parameter. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en help.php de Moodle 1.3.2 y 1.4 dev permite a atacantes remotos inyectar script web o HTML de su elección mediante el parámetro fichero. • https://www.exploit-db.com/exploits/24279 http://cvs.sourceforge.net/viewcvs.py/moodle/moodle/help.php http://marc.info/?l=bugtraq&m=108973588000027&w=2 http://www.securityfocus.com/bid/10718 https://exchange.xforce.ibmcloud.com/vulnerabilities/16684 •