|
283321
|
- |
|
moodle
|
moodle
|
Multiple cross-site scripting (XSS) vulnerabilities in badges/renderer.php in Moodle 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allow remote attackers to inject arbitrary web scri…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3547
|
2024-11-21 11:08 |
2014-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283322
|
- |
|
moodle
|
moodle
|
Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 does not enforce certain capability requirements in (1) notes/index.php and (2) user/edit.ph…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3546
|
2024-11-21 11:08 |
2014-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283323
|
- |
|
moodle
|
moodle
|
Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote authenticated users to execute arbitrary code via a calculated question in a q…
|
CWE-94
Code Injection
|
CVE-2014-3545
|
2024-11-21 11:08 |
2014-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283324
|
- |
|
moodle
|
moodle
|
Cross-site scripting (XSS) vulnerability in user/profile.php in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote authenticated …
|
CWE-79
Cross-site Scripting
|
CVE-2014-3544
|
2024-11-21 11:08 |
2014-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283325
|
- |
|
moodle
|
moodle
|
mod/imscp/locallib.php in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote attackers to read arbitrary files via a package with…
|
CWE-200
Information Exposure
|
CVE-2014-3543
|
2024-11-21 11:08 |
2014-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283326
|
- |
|
moodle
|
moodle
|
mod/lti/service.php in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote attackers to read arbitrary files via an XML external e…
|
CWE-200
Information Exposure
|
CVE-2014-3542
|
2024-11-21 11:08 |
2014-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283327
|
- |
|
moodle
|
moodle
|
The Repositories component in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote attackers to conduct PHP object injection attack…
|
CWE-94
Code Injection
|
CVE-2014-3541
|
2024-11-21 11:08 |
2014-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283328
|
- |
|
openstack
|
neutron
|
OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (crash or long firewall rule updates) by creating a la…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3555
|
2024-11-21 11:08 |
2014-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283329
|
- |
|
apple
canonical
fedoraproject
|
cups
ubuntu_linux
fedora
|
The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/.
|
CWE-59
Link Following
|
CVE-2014-3537
|
2024-11-21 11:08 |
2014-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283330
|
- |
|
redhat
|
jboss_enterprise_application_platform
|
The org.picketlink.common.util.DocumentUtil.getDocumentBuilderFactory method in PicketLink, as used in Red Hat JBoss Enterprise Application Platform (JBEAP) 5.2.0 and 6.2.4, expands entity references…
|
CWE-200
Information Exposure
|
CVE-2014-3530
|
2024-11-21 11:08 |
2014-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
