|
290191
|
- |
|
cisco
|
nac_appliance
|
Multiple cross-site scripting (XSS) vulnerabilities in the web-authentication function on the Cisco NAC Appliance 4.9.2 and earlier allow remote attackers to inject arbitrary web script or HTML via t…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6029
|
2024-11-21 10:45 |
2013-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290192
|
- |
|
tinymce
moodle
|
spellchecker_php
moodle
|
classes/GoogleSpell.php in the PHP Spellchecker (aka Google Spellchecker) addon before 2.0.6.1 for TinyMCE, as used in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x be…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6112
|
2024-11-21 10:45 |
2013-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290193
|
- |
|
moodle
|
moodle
|
calendar/managesubscriptions.php in the Manage Subscriptions implementation in Moodle 2.4.x before 2.4.1 omits a capability check, which allows remote authenticated users to remove course-level calen…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6106
|
2024-11-21 10:45 |
2013-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290194
|
- |
|
moodle
|
moodle
|
blog/rsslib.php in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 continues to provide a blog RSS feed after blogging is disabled, which allows remote atta…
|
CWE-200
Information Exposure
|
CVE-2012-6105
|
2024-11-21 10:45 |
2013-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290195
|
- |
|
moodle
|
moodle
|
blog/rsslib.php in Moodle 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 allows remote attackers to obtain sensitive information from site-level blogs by leveraging the guest role and…
|
CWE-200
Information Exposure
|
CVE-2012-6104
|
2024-11-21 10:45 |
2013-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290196
|
- |
|
moodle
|
moodle
|
Multiple cross-site request forgery (CSRF) vulnerabilities in user/messageselect.php in the messaging system in Moodle 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 allow remote atta…
|
CWE-352
Origin Validation Error
|
CVE-2012-6103
|
2024-11-21 10:45 |
2013-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290197
|
- |
|
moodle
|
moodle
|
lib.php in the Submission comments plugin in the Assignment module in Moodle 2.3.x before 2.3.4 and 2.4.x before 2.4.1 allows remote attackers to read or modify the submission comments (aka feedback …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6102
|
2024-11-21 10:45 |
2013-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290198
|
- |
|
moodle
|
moodle
|
Multiple open redirect vulnerabilities in Moodle 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 allow remote attackers to redirect users to arbitrary web sites and conduct phishing at…
|
CWE-20
Improper Input Validation
|
CVE-2012-6101
|
2024-11-21 10:45 |
2013-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290199
|
- |
|
moodle
|
moodle
|
report/outline/index.php in Moodle 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 does not properly enforce the moodle/user:viewhiddendetails capability requirement, which allows remo…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6100
|
2024-11-21 10:45 |
2013-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290200
|
- |
|
moodle
|
moodle
|
The moodle1 backup converter in backup/converter/moodle1/lib.php in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 does not properly validate pathnames, wh…
|
CWE-20
Improper Input Validation
|
CVE-2012-6099
|
2024-11-21 10:45 |
2013-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
