|
275881
|
- |
|
moodle
|
moodle
|
Cross-site scripting (XSS) vulnerability in mod/quiz/report/statistics/statistics_question_table.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows rem…
|
CWE-79
Cross-site Scripting
|
CVE-2015-2273
|
2024-11-21 11:27 |
2015-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275882
|
- |
|
moodle
|
moodle
|
login/token.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows remote authenticated users to bypass a forced-password-change requirement by creating a …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-2272
|
2024-11-21 11:27 |
2015-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275883
|
- |
|
moodle
|
moodle
|
tag/user.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 does not consider the moodle/tag:flag capability before proceeding with a flaginappropriate action…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-2271
|
2024-11-21 11:27 |
2015-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275884
|
- |
|
moodle
|
moodle
|
lib/moodlelib.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4, when the theme uses the blocks-regions feature, establishes the course state at an incorrect…
|
CWE-17
Code
|
CVE-2015-2270
|
2024-11-21 11:27 |
2015-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275885
|
- |
|
moodle
|
moodle
|
Multiple cross-site scripting (XSS) vulnerabilities in lib/javascript-static.js in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allow remote authenticated user…
|
CWE-79
Cross-site Scripting
|
CVE-2015-2269
|
2024-11-21 11:27 |
2015-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275886
|
- |
|
moodle
|
moodle
|
filter/urltolink/filter.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows remote authenticated users to cause a denial of service (CPU consumption or …
|
CWE-399
Resource Management Errors
|
CVE-2015-2268
|
2024-11-21 11:27 |
2015-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275887
|
- |
|
moodle
|
moodle
|
mdeploy.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows remote authenticated users to bypass intended access restrictions and extract archives to ar…
|
CWE-284
Improper Access Control
|
CVE-2015-2267
|
2024-11-21 11:27 |
2015-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275888
|
- |
|
moodle
|
moodle
|
message/index.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 does not consider the moodle/site:readallmessages capability before accessing arbitrary conve…
|
CWE-200
Information Exposure
|
CVE-2015-2266
|
2024-11-21 11:27 |
2015-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275889
|
- |
|
linux
fedoraproject
|
linux_kernel
fedora
|
Stack-based buffer overflow in the get_matching_model_microcode function in arch/x86/kernel/cpu/microcode/intel_early.c in the Linux kernel before 4.0 allows context-dependent attackers to gain privi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-2666
|
2024-11-21 11:27 |
2015-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275890
|
- |
|
mit
|
kerberos_5
|
The kdcpreauth modules in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.2 do not properly track whether a client's request has been validated, which allows remote attackers to bypass an int…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-2694
|
2024-11-21 11:27 |
2015-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
