Search Results | AttackerKB

21 Total Results

Displaying 1-10 of 21

Attacker Value

Unknown

CVE-2018-1044

Disclosure Date: January 22, 2018 (last updated November 26, 2024)

In Moodle 3.x, quiz web services allow students to see quiz results when it is prohibited in the settings.

Attacker Value

Unknown

CVE-2018-1042

Disclosure Date: January 22, 2018 (last updated November 26, 2024)

Moodle 3.x has Server Side Request Forgery in the filepicker.

Attacker Value

Unknown

CVE-2018-1043

Disclosure Date: January 22, 2018 (last updated November 26, 2024)

In Moodle 3.x, the setting for blocked hosts list can be bypassed with multiple A record hostnames.

Attacker Value

Unknown

CVE-2018-1045

Disclosure Date: January 22, 2018 (last updated November 26, 2024)

In Moodle 3.x, there is XSS via a calendar event name.

Attacker Value

Unknown

CVE-2017-12156

Disclosure Date: September 18, 2017 (last updated November 26, 2024)

Moodle 3.x has XSS in the contact form on the "non-respondents" page in non-anonymous feedback.

Attacker Value

Unknown

CVE-2017-12157

Disclosure Date: September 18, 2017 (last updated November 26, 2024)

In Moodle 3.x, various course reports allow teachers to view details about users in the groups they can't access.

Attacker Value

Unknown

CVE-2017-7532

Disclosure Date: July 17, 2017 (last updated November 26, 2024)

In Moodle 3.x, course creators are able to change system default settings for courses.

Attacker Value

Unknown

CVE-2017-2642

Disclosure Date: July 17, 2017 (last updated November 26, 2024)

Moodle 3.x has user fullname disclosure on the user preferences page.

Attacker Value

Unknown

CVE-2017-7491

Disclosure Date: May 15, 2017 (last updated November 26, 2024)

In Moodle 2.x and 3.x, a CSRF attack is possible that allows attackers to change the "number of courses displayed in the course overview block" configuration setting.

Attacker Value

Unknown

CVE-2017-7489

Disclosure Date: May 15, 2017 (last updated November 26, 2024)

In Moodle 2.x and 3.x, remote authenticated users can take ownership of arbitrary blogs by editing an external blog link.

21 Total Results

Displaying 1-10 of 21

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Quick Cookie Notification