|
299611
|
- |
|
moodle
|
moodle
|
Multiple cross-site request forgery (CSRF) vulnerabilities in user/messageselect.php in the messaging system in Moodle 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 allow remote atta…
|
CWE-352
Origin Validation Error
|
CVE-2012-6103
|
2024-11-21 10:45 |
2013-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299612
|
- |
|
moodle
|
moodle
|
lib.php in the Submission comments plugin in the Assignment module in Moodle 2.3.x before 2.3.4 and 2.4.x before 2.4.1 allows remote attackers to read or modify the submission comments (aka feedback …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6102
|
2024-11-21 10:45 |
2013-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299613
|
- |
|
moodle
|
moodle
|
Multiple open redirect vulnerabilities in Moodle 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 allow remote attackers to redirect users to arbitrary web sites and conduct phishing at…
|
CWE-20
Improper Input Validation
|
CVE-2012-6101
|
2024-11-21 10:45 |
2013-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299614
|
- |
|
moodle
|
moodle
|
report/outline/index.php in Moodle 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 does not properly enforce the moodle/user:viewhiddendetails capability requirement, which allows remo…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6100
|
2024-11-21 10:45 |
2013-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299615
|
- |
|
moodle
|
moodle
|
The moodle1 backup converter in backup/converter/moodle1/lib.php in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 does not properly validate pathnames, wh…
|
CWE-20
Improper Input Validation
|
CVE-2012-6099
|
2024-11-21 10:45 |
2013-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299616
|
- |
|
moodle
|
moodle
|
grade/edit/outcome/edit_form.php in Moodle 1.9.x through 1.9.19, 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 does not properly enforce the moodle/grade:manage …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6098
|
2024-11-21 10:45 |
2013-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299617
|
- |
|
tp-link
|
tl-wr841n_firmware
tl-wr841n
|
Directory traversal vulnerability in the web-based management interface on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitr…
|
CWE-22
Path Traversal
|
CVE-2012-6276
|
2024-11-21 10:45 |
2013-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299618
|
- |
|
dell
|
openmanage_server_administrator
|
Multiple cross-site scripting (XSS) vulnerabilities in Dell OpenManage Server Administrator 6.5.0.1, 7.0.0.1, and 7.1.0.1 allow remote attackers to inject arbitrary web script or HTML via the topic p…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6272
|
2024-11-21 10:45 |
2013-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299619
|
- |
|
isc
redhat
canonical
|
bind
enterprise_linux_hpc_node
enterprise_linux_server_eus
enterprise_linux_server_aus
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
ubuntu_linux
|
ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a d…
|
CWE-20
Improper Input Validation
|
CVE-2012-5689
|
2024-11-21 10:45 |
2013-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299620
|
- |
|
proftpd
|
proftpd
|
ProFTPD before 1.3.5rc1, when using the UserOwner directive, allows local users to modify the ownership of arbitrary files via a race condition and a symlink attack on the (1) MKD or (2) XMKD command…
|
CWE-362
Race Condition
|
CVE-2012-6095
|
2024-11-21 10:45 |
2013-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
