|
302191
|
- |
|
moodle
|
moodle
|
The chat functionality in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allows remote authenticated users to discover the name of any user via a beep operation.
|
CWE-200
Information Exposure
|
CVE-2011-4304
|
2024-11-21 10:32 |
2012-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302192
|
- |
|
moodle
|
moodle
|
lib/db/upgrade.php in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 does not set the correct registration_hubs.secret value during installation, which allows remote attackers to bypass intended ac…
|
CWE-310
Cryptographic Issues
|
CVE-2011-4303
|
2024-11-21 10:32 |
2012-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302193
|
- |
|
moodle
|
moodle
|
mnet/xmlrpc/client.php in MNET in Moodle 1.9.x before 1.9.14, 2.0.x before 2.0.5, and 2.1.x before 2.1.2 does not properly process the return value of the openssl_verify function, which allows remote…
|
CWE-20
Improper Input Validation
|
CVE-2011-4302
|
2024-11-21 10:32 |
2012-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302194
|
- |
|
moodle
|
moodle
|
The MoodleQuickForm class in the Forms Library in lib/formslib.php in Moodle 1.9.x before 1.9.14, 2.0.x before 2.0.5, and 2.1.x before 2.1.2 does not recognize Forms API setConstant operations, which…
|
NVD-CWE-noinfo
|
CVE-2011-4301
|
2024-11-21 10:32 |
2012-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302195
|
- |
|
moodle
|
moodle
|
The file_browser component in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 does not properly restrict access to category and course data, which allows remote attackers to obtain potentially sensi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4300
|
2024-11-21 10:32 |
2012-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302196
|
- |
|
moodle
|
moodle
|
Cross-site scripting (XSS) vulnerability in mod/wiki/pagelib.php in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allows remote authenticated users to inject arbitrary web script or HTML via a wik…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4299
|
2024-11-21 10:32 |
2012-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302197
|
- |
|
moodle
|
moodle
|
Multiple cross-site request forgery (CSRF) vulnerabilities in mod/wiki/ components in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allow remote attackers to hijack the authentication of arbitrary…
|
CWE-352
Origin Validation Error
|
CVE-2011-4298
|
2024-11-21 10:32 |
2012-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302198
|
- |
|
linux
|
linux_kernel
|
The encode_share_access function in fs/nfs/nfs4xdr.c in the Linux kernel before 2.6.29 allows local users to cause a denial of service (BUG and system crash) by using the mknod system call with a pat…
|
NVD-CWE-noinfo
|
CVE-2011-4324
|
2024-11-21 10:32 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302199
|
- |
|
icu-project
|
international_components_for_unicode
|
Stack-based buffer overflow in the _canonicalize function in common/uloc.c in International Components for Unicode (ICU) before 49.1 allows remote attackers to execute arbitrary code via a crafted lo…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-4599
|
2024-11-21 10:32 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302200
|
- |
|
canonical
|
ubuntu_linux
|
The Ubuntu One Client for Ubuntu 10.04 LTS, 11.04, 11.10, and 12.04 LTS does not properly validate SSL certificates, which allows remote attackers to spoof a server and modify or read sensitive infor…
|
CWE-20
Improper Input Validation
|
CVE-2011-4409
|
2024-11-21 10:32 |
2012-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
