厂商或团体 moodle 的搜索结果 (337)

CVE-2018-1081(发布:2018-04-04 17:29:00)NMS
CVSS5.0

[原文]A flaw was found in Moodle 3.4 to 3.4.1, 3.3 to 3.3.4, 3.2 to 3.2.7, 3.1 to 3.1.10 and earlier unsupported versions. Unauthenticated users can trigger custom messages to admin via paypal enrol script. Paypal IPN callback script should only send error emails to admin after request origin was verified, otherwise admin email can be spammed.

CVE-2018-1082(发布:2018-04-04 17:29:00)NMPS
CVSS6.8

[原文]A flaw was found in Moodle 3.4 to 3.4.1, and 3.3 to 3.3.4. If a user account using OAuth2 authentication method was once confirmed but later suspended, the user could still login to the site.

CVE-2018-1042(发布:2018-01-22 03:29:00)NMPS
CVSS4.0

[原文]Moodle 3.x has Server Side Request Forgery in the filepicker.

CVE-2018-1043(发布:2018-01-22 03:29:00)NMS
CVSS4.0

[原文]In Moodle 3.x, the setting for blocked hosts list can be bypassed with multiple A record hostnames.

CVE-2018-1044(发布:2018-01-22 03:29:00)NMS
CVSS4.0

[原文]In Moodle 3.x, quiz web services allow students to see quiz results when it is prohibited in the settings.

CVE-2018-1045(发布:2018-01-22 03:29:00)NMS
CVSS3.5

[原文]In Moodle 3.x, there is XSS via a calendar event name.

12345678下一页尾页 第1页 / 共57页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站