Max CVSS 6.5 Min CVSS 3.5 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2012-3363 6.4
Zend_XmlRpc in Zend Framework 1.x before 1.11.12 and 1.12.x before 1.12.0 does not properly handle SimpleXMLElement classes, which allows remote attackers to read arbitrary files or create TCP connections via an external entity reference in a DOCTYPE
15-02-2024 - 03:20 13-02-2013 - 17:55
CVE-2013-1834 4.0
notes/edit.php in Moodle 1.9.x through 1.9.19, 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote authenticated users to reassign notes via a modified (1) userid or (2) courseid field.
01-12-2020 - 14:52 25-03-2013 - 21:55
CVE-2013-1830 5.0
user/view.php in Moodle through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 does not enforce the forceloginforprofiles setting, which allows remote attackers to obtain sensitive course-profile information by leveraging the
01-12-2020 - 14:52 25-03-2013 - 21:55
CVE-2013-1831 5.0
lib/setuplib.php in Moodle through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the absolute path in an exception message.
01-12-2020 - 14:52 25-03-2013 - 21:55
CVE-2013-1835 3.5
Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote authenticated administrators to obtain sensitive information from the external repositories of arbitrary users by leveraging the login_as feature.
01-12-2020 - 14:52 25-03-2013 - 21:55
CVE-2013-1832 4.0
repository/webdav/lib.php in Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 includes the WebDAV password in the configuration form, which allows remote authenticated administrators to obtain sensitive inform
01-12-2020 - 14:52 25-03-2013 - 21:55
CVE-2013-1836 6.5
Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 does not properly manage privileges for WebDAV repositories, which allows remote authenticated users to read, modify, or delete arbitrary site-wide repositories
01-12-2020 - 14:52 25-03-2013 - 21:55
CVE-2013-1833 3.5
Multiple cross-site scripting (XSS) vulnerabilities in the File Picker module in Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allow remote authenticated users to inject arbitrary web script or HTML via a c
01-12-2020 - 14:52 25-03-2013 - 21:55
Back to Top Mark selected
Back to Top