| Max CVSS | 6.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-9186 | 6.5 |
Unrestricted file upload vulnerability in the "legacy course files" and "file manager" modules in Moodle 3.1.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, and then accessing it via uns
|
29-11-2016 - 18:36 | 04-11-2016 - 10:59 | |
| CVE-2016-9188 | 4.3 |
Cross-site scripting (XSS) vulnerabilities in Moodle CMS on or before 3.1.2 allow remote attackers to inject arbitrary web script or HTML via the s_additionalhtmlhead, s_additionalhtmltopofbody, and s_additionalhtmlfooter parameters.
|
29-11-2016 - 18:29 | 04-11-2016 - 10:59 | |
| CVE-2016-9187 | 6.5 |
Unrestricted file upload vulnerability in the double extension support in the "image" module in Moodle 3.1.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, and then accessing it via unspe
|
29-11-2016 - 18:27 | 04-11-2016 - 10:59 |