|
292791
|
6.1 |
MEDIUM
Network
|
chyrp
|
chyrp
|
Multiple cross-site scripting (XSS) vulnerabilities in Chyrp before 2.1.2 and before 2.5 Beta 2 allow remote attackers to inject arbitrary web script or HTML via the (1) content parameter to includes…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1001
|
2024-11-21 10:36 |
2019-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292792
|
5.5 |
MEDIUM
Local
|
pidgin
|
pidgin
|
Pidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain sensitive information via a dbus session monitor.
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2012-1257
|
2024-11-21 10:36 |
2019-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292793
|
7.5 |
HIGH
Network
|
moodle
fedoraproject
|
moodle
fedora
|
Moodle before 2.2.2 has an external enrolment plugin context check issue where capability checks are not thorough
|
CWE-354
Improper Validation of Integrity Check Value
|
CVE-2012-1170
|
2024-11-21 10:36 |
2019-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292794
|
5.3 |
MEDIUM
Network
|
moodle
fedoraproject
|
moodle
fedora
|
Moodle before 2.2.2 has Personal information disclosure, when administrative setting users name display is set to first name only full names are shown in page breadcrumbs.
|
CWE-200
Information Exposure
|
CVE-2012-1169
|
2024-11-21 10:36 |
2019-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292795
|
4.3 |
MEDIUM
Network
|
moodle
fedoraproject
|
moodle
fedora
|
Moodle before 2.2.2: Course information leak via hidden courses being displayed in tag search results
|
CWE-200
Information Exposure
|
CVE-2012-1161
|
2024-11-21 10:36 |
2019-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292796
|
2.7 |
LOW
Network
|
moodle
fedoraproject
|
moodle
fedora
|
Moodle before 2.2.2 has a permission issue in Forum Subscriptions where unenrolled users can subscribe/unsubscribe via mod/forum/index.php
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2012-1160
|
2024-11-21 10:36 |
2019-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292797
|
4.3 |
MEDIUM
Network
|
moodle
fedoraproject
|
moodle
fedora
|
Moodle before 2.2.2: Overview report allows users to see hidden courses
|
CWE-200
Information Exposure
|
CVE-2012-1159
|
2024-11-21 10:36 |
2019-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292798
|
4.3 |
MEDIUM
Network
|
moodle
fedoraproject
|
moodle
fedora
|
Moodle before 2.2.2 has a course information leak in gradebook where users are able to see hidden grade items in export
|
CWE-200
Information Exposure
|
CVE-2012-1158
|
2024-11-21 10:36 |
2019-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292799
|
4.3 |
MEDIUM
Network
|
moodle
fedoraproject
|
moodle
fedora
|
Moodle before 2.2.2 has a default repository capabilities issue where all repositories are viewable by all users by default
|
CWE-276
Incorrect Default Permissions
|
CVE-2012-1157
|
2024-11-21 10:36 |
2019-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292800
|
8.2 |
HIGH
Network
|
moodle
fedoraproject
redhat
|
moodle
fedora
enterprise_linux
|
Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the user password is reset if not specified.
|
CWE-20
Improper Input Validation
|
CVE-2012-1168
|
2024-11-21 10:36 |
2019-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
