厂商或团体 moodle 的搜索结果 (329)

CVE-2015-5335(发布:2016-02-22 00:59:13)NMS
CVSS4.3

[原文]Cross-site request forgery (CSRF) vulnerability in admin/registration/register.php in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 allows remote attackers to hijack the authentication of administrators for requests that send statistics to an arbitrary hub URL.

CVE-2015-5332(发布:2016-02-22 00:59:12)NMS
CVSS7.1

[原文]Atto in Moodle 2.8.x before 2.8.9 and 2.9.x before 2.9.3 allows remote attackers to cause a denial of service (disk consumption) by leveraging the guest role and entering drafts with the editor-autosave feature.

CVE-2015-5331(发布:2016-02-22 00:59:11)NMS
CVSS4.0

[原文]Moodle 2.9.x before 2.9.3 does not properly check the contact list before authorizing message transmission, which allows remote authenticated users to bypass intended access restrictions and conduct spam attacks via the messaging API.

CVE-2015-5272(发布:2016-02-22 00:59:10)NM
CVSS4.0

[原文]The Forum module in Moodle 2.7.x before 2.7.10 allows remote authenticated users to post to arbitrary groups by leveraging the teacher role, as demonstrated by a post directed to "all participants."

CVE-2015-5269(发布:2016-02-22 00:59:09)NM
CVSS3.5

[原文]Cross-site scripting (XSS) vulnerability in group/overview.php in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 allows remote authenticated users to inject arbitrary web script or HTML via a modified grouping description.

CVE-2015-5268(发布:2016-02-22 00:59:08)NM
CVSS4.0

[原文]The rating component in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 mishandles group-based authorization checks, which allows remote authenticated users to obtain sensitive information by reading a rating value.

首页上一页56789101112下一页尾页 第7页 / 共55页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站