Show filters
99 Total Results
Displaying 91-99 of 99
Sort by:
Attacker Value
Unknown

CVE-2010-0400

Disclosure Date: April 07, 2010 (last updated October 04, 2023)
SQL injection vulnerability in lib/user.php in mahara 1.0.4 allows remote attackers to execute arbitrary SQL commands via a username.
0
0
Attacker Value
Unknown

CVE-2009-3298

Disclosure Date: November 03, 2009 (last updated October 04, 2023)
Mahara before 1.0.13, and 1.1.x before 1.1.7, allows remote authenticated institution administrators to reset a site administrator password via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2009-3299

Disclosure Date: November 03, 2009 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in the resume blocktype in Mahara before 1.0.13, and 1.1.x before 1.1.7, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2009-2171

Disclosure Date: June 23, 2009 (last updated October 04, 2023)
Mahara 1.1 before 1.1.5 does not apply permission checks when saving a view that contains artefacts, which allows remote authenticated users to read another user's artefact.
0
0
Attacker Value
Unknown

CVE-2009-2170

Disclosure Date: June 23, 2009 (last updated October 04, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.0 before 1.0.12 and 1.1 before 1.1.5 allow remote attackers to inject arbitrary web script or HTML via unknown vectors.
0
0
Attacker Value
Unknown

CVE-2009-0664

Disclosure Date: April 23, 2009 (last updated October 04, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.0.x before 1.0.11 and 1.1.x before 1.1.3 allow remote attackers to inject arbitrary web script or HTML via (1) the introduction field in a user profile or (2) an arbitrary text block in a user view.
0
0
Attacker Value
Unknown

CVE-2009-0660

Disclosure Date: March 11, 2009 (last updated October 04, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.0 before 1.0.10 and 1.1 before 1.1.2 allow remote attackers to inject arbitrary web script or HTML via a (1) profile and (2) blog, a different vulnerability than CVE-2009-0487.
0
0
Attacker Value
Unknown

CVE-2009-0487

Disclosure Date: February 09, 2009 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in Mahara before 1.0.9 allows remote attackers to inject arbitrary web script or HTML via a crafted forum post.
0
0
Attacker Value
Unknown

CVE-2008-0381

Disclosure Date: January 22, 2008 (last updated October 04, 2023)
Unspecified vulnerability in Mahara before 0.9.1 has unknown impact and remote attack vectors, probably related to cross-site scripting (XSS) in uploaded files.
0
0
View More Topics  < Previous