厂商或团体 moodle 的搜索结果 (337)

CVE-2018-1081(发布:2018-04-04 17:29:00)NMS

CVSS

5.0

[原文]A flaw was found in Moodle 3.4 to 3.4.1, 3.3 to 3.3.4, 3.2 to 3.2.7, 3.1 to 3.1.10 and earlier unsupported versions. Unauthenticated users can trigger custom messages to admin via paypal enrol script. Paypal IPN callback script should only send error emails to admin after request origin was verified, otherwise admin email can be spammed.

CVE-2018-1082(发布:2018-04-04 17:29:00)NMPS

CVSS

6.8

[原文]A flaw was found in Moodle 3.4 to 3.4.1, and 3.3 to 3.3.4. If a user account using OAuth2 authentication method was once confirmed but later suspended, the user could still login to the site.

CVE-2018-1042(发布:2018-01-22 03:29:00)NMPS

CVSS

4.0

[原文]Moodle 3.x has Server Side Request Forgery in the filepicker.

CVE-2018-1043(发布:2018-01-22 03:29:00)NMS

CVSS

4.0

[原文]In Moodle 3.x, the setting for blocked hosts list can be bypassed with multiple A record hostnames.

CVE-2018-1044(发布:2018-01-22 03:29:00)NMS

CVSS

4.0

[原文]In Moodle 3.x, quiz web services allow students to see quiz results when it is prohibited in the settings.

CVE-2018-1045(发布:2018-01-22 03:29:00)NMS

CVSS

3.5

[原文]In Moodle 3.x, there is XSS via a calendar event name.