|
296601
|
- |
|
devsaran
|
best_responsive
|
Cross-site scripting (XSS) vulnerability in the Best Responsive Theme 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1780
|
2024-11-21 10:50 |
2013-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296602
|
- |
|
devsaran
|
fresh
|
Cross-site scripting (XSS) vulnerability in the 3 slide gallery in the Fresh theme before 7.x-1.4 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrar…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1779
|
2024-11-21 10:50 |
2013-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296603
|
- |
|
devsaran
|
creative
|
Cross-site scripting (XSS) vulnerability in the Creative Theme 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1778
|
2024-11-21 10:50 |
2013-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296604
|
- |
|
moodle
|
moodle
|
Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 does not properly manage privileges for WebDAV repositories, which allows remote authenticated users to read,…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1836
|
2024-11-21 10:50 |
2013-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296605
|
- |
|
moodle
|
moodle
|
Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote authenticated administrators to obtain sensitive information from the external repositories of …
|
CWE-200
Information Exposure
|
CVE-2013-1835
|
2024-11-21 10:50 |
2013-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296606
|
- |
|
moodle
|
moodle
|
notes/edit.php in Moodle 1.9.x through 1.9.19, 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote authenticated users to reassign notes via a modified (1…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1834
|
2024-11-21 10:50 |
2013-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296607
|
- |
|
moodle
|
moodle
|
Multiple cross-site scripting (XSS) vulnerabilities in the File Picker module in Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allow remote authenticated u…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1833
|
2024-11-21 10:50 |
2013-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296608
|
- |
|
moodle
|
moodle
|
repository/webdav/lib.php in Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 includes the WebDAV password in the configuration form, which allows remote auth…
|
CWE-200
Information Exposure
|
CVE-2013-1832
|
2024-11-21 10:50 |
2013-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296609
|
- |
|
moodle
|
moodle
|
lib/setuplib.php in Moodle through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals…
|
CWE-200
Information Exposure
|
CVE-2013-1831
|
2024-11-21 10:50 |
2013-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296610
|
- |
|
fedoraproject
moodle
|
fedora
moodle
|
user/view.php in Moodle through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 does not enforce the forceloginforprofiles setting, which allows remote attackers to obtain sens…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1830
|
2024-11-21 10:50 |
2013-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
