厂商或团体 moodle 的搜索结果 (329)

CVE-2015-5267(发布:2016-02-22 00:59:07)NM
CVSS5.0

[原文]lib/moodlelib.php in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 relies on the PHP mt_rand function to implement the random_string and complex_random_string functions, which makes it easier for remote attackers to predict password-recovery tokens via a brute-force approach.

CVE-2015-5266(发布:2016-02-22 00:59:06)NM
CVSS4.9

[原文]The enrol_meta_sync function in enrol/meta/locallib.php in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 allows remote authenticated users to obtain manager privileges in opportunistic circumstances by leveraging incorrect role processing during a long-running sync script.

CVE-2015-5265(发布:2016-02-22 00:59:05)NM
CVSS4.0

[原文]The wiki component in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 does not consider the mod/wiki:managefiles capability before authorizing file management, which allows remote authenticated users to delete arbitrary files by using a manage-files button in a text editor.

CVE-2015-5264(发布:2016-02-22 00:59:04)NM
CVSS5.5

[原文]The lesson module in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 allows remote authenticated users to bypass intended access restrictions and enter additional answer attempts by leveraging the student role.

CVE-2015-3275(发布:2016-02-22 00:59:03)NMCS
CVSS4.3

[CNNVD]Moodle 安全漏洞--Moodle是澳大利亚马丁-多基马(Martin Dougiamas)博士开发的一套免费、开源的电子学习软件平台,也称课程管理系统、学习管理系统或虚拟学习环境。 Moodle中存在安全漏洞。攻击者可利用该漏洞在用户上下文中注入并执行任意代码。 ...

CVE-2015-3274(发布:2016-02-22 00:59:02)NMCS
CVSS4.3

[CNNVD]Moodle‘user/lib.php’跨站脚本漏洞--Moodle是澳大利亚马丁-多基马(Martin Dougiamas)博士开发的一套免费、开源的电子学习软件平台,也称课程管理系统、学习管理系统或虚拟学习环境。 Moodle中存在跨站脚本漏洞,该漏洞源于程序没有充分过滤用户提交的输入。当用户浏览受影响的网站时,其浏览器将执行攻击...

首页上一页678910111213下一页尾页 第8页 / 共55页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站