|
298851
|
- |
|
bitcoin
|
wxbitcoin
bitcoin_core
|
The "encrypt wallet" feature in wxBitcoin and bitcoind 0.4.x before 0.4.1, and 0.5.0rc, does not properly interact with the deletion functionality of BSDDB, which allows context-dependent attackers t…
|
CWE-310
Cryptographic Issues
|
CVE-2011-4447
|
2024-11-21 10:32 |
2012-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298852
|
- |
|
moodle
|
moodle
|
Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 does not properly handle user/action_redir group messages, which allows remote authenticated users to discover e-mail addresses …
|
CWE-200
Information Exposure
|
CVE-2011-4593
|
2024-11-21 10:32 |
2012-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298853
|
- |
|
moodle
|
moodle
|
The command-line cron implementation in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not properly interact with IP blocking, which might allow remote attackers to bypass intended IP address …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4592
|
2024-11-21 10:32 |
2012-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298854
|
- |
|
moodle
|
moodle
|
Cross-site scripting (XSS) vulnerability in the print_object function in lib/datalib.php in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3, when a developer debugging script is enabled, allows remo…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4591
|
2024-11-21 10:32 |
2012-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298855
|
- |
|
moodle
|
moodle
|
The web services implementation in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not properly consider the maintenance-mode state and account attributes during login attempts, which allows re…
|
CWE-287
Improper Authentication
|
CVE-2011-4590
|
2024-11-21 10:32 |
2012-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298856
|
- |
|
moodle
|
moodle
|
backup/moodle2/restore_stepslib.php in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not check for the moodle/course:changeidnumber privilege during handling of course ID numbers, which allow…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4589
|
2024-11-21 10:32 |
2012-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298857
|
- |
|
moodle
|
moodle
|
The ip_in_range function in mnet/lib.php in MNET in Moodle 1.9.x before 1.9.15 uses an incorrect data type, which allows remote attackers to bypass intended IP address restrictions via an XMLRPC requ…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4588
|
2024-11-21 10:32 |
2012-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298858
|
- |
|
moodle
|
moodle
|
lib/moodlelib.php in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 does not properly handle certain zero values in the password policy, which makes it easier for remote attac…
|
CWE-255
Credentials Management
|
CVE-2011-4587
|
2024-11-21 10:32 |
2012-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298859
|
- |
|
moodle
|
moodle
|
CRLF injection vulnerability in calendar/set.php in the Calendar subsystem in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 allows remote attackers to inject arbitrary HTTP h…
|
NVD-CWE-Other
|
CVE-2011-4586
|
2024-11-21 10:32 |
2012-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298860
|
- |
|
moodle
|
moodle
|
login/change_password.php in Moodle 1.9.x before 1.9.15 does not use https for the change-password form even if the httpslogin option is enabled, which allows remote attackers to obtain credentials b…
|
CWE-16
Configuration
|
CVE-2011-4585
|
2024-11-21 10:32 |
2012-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
