|
295001
|
- |
|
moodle
|
moodle
|
Cross-site scripting (XSS) vulnerability in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to inject arbitrary web script or HTML via the idnu…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2365
|
2024-11-21 10:38 |
2012-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295002
|
- |
|
moodle
|
moodle
|
Cross-site scripting (XSS) vulnerability in lib/filelib.php in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to inject arbitrary web script o…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2364
|
2024-11-21 10:38 |
2012-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295003
|
- |
|
moodle
|
moodle
|
SQL injection vulnerability in calendar/event.php in the calendar implementation in Moodle 1.9.x before 1.9.18 allows remote authenticated users to execute arbitrary SQL commands via a crafted calend…
|
CWE-89
SQL Injection
|
CVE-2012-2363
|
2024-11-21 10:38 |
2012-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295004
|
- |
|
moodle
|
moodle
|
Cross-site scripting (XSS) vulnerability in blog/lib.php in the blog implementation in Moodle 1.9.x before 1.9.18, when Internet Explorer is used, allows remote attackers to inject arbitrary web scri…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2362
|
2024-11-21 10:38 |
2012-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295005
|
- |
|
moodle
|
moodle
|
Cross-site scripting (XSS) vulnerability in admin/webservice/forms.php in the web services implementation in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authen…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2361
|
2024-11-21 10:38 |
2012-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295006
|
- |
|
moodle
|
moodle
|
Cross-site scripting (XSS) vulnerability in the Wiki subsystem in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to inject arbitrary web scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2360
|
2024-11-21 10:38 |
2012-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295007
|
- |
|
moodle
|
moodle
|
admin/roles/override.php in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to gain privileges by leveraging the teacher role and modifying the…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2359
|
2024-11-21 10:38 |
2012-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295008
|
- |
|
moodle
|
moodle
|
Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to bypass an activity's read-only state and modify the database by leveraging the student role …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2358
|
2024-11-21 10:38 |
2012-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295009
|
- |
|
moodle
|
moodle
|
The Multi-Authentication feature in the Central Authentication Service (CAS) functionality in auth/cas/cas_form.html in Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 does not use HTTPS, which allo…
|
CWE-200
Information Exposure
|
CVE-2012-2357
|
2024-11-21 10:38 |
2012-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295010
|
- |
|
moodle
|
moodle
|
The question-bank functionality in Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to bypass intended capability requirements and save questions via a save_question…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2356
|
2024-11-21 10:38 |
2012-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
