Search CVE reports
641 – 646 of 646 results
Multiple cross-site scripting (XSS) vulnerabilities in Moodle 1.6.1 and earlier might allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) doc/index.php or (2) files/index.php.
1 affected package
moodle
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| moodle | — | — | — | — |
Multiple cross-site scripting (XSS) vulnerabilities in ADOdb 4.71, as used in multiple packages such as phpESP, allow remote attackers to inject arbitrary web script or HTML via (1) the next_page parameter in adodb-pager.inc.php...
2 affected packages
libphp-adodb, moodle
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libphp-adodb | — | — | — | — |
| moodle | — | — | — | — |
SQL injection vulnerability in ADOdb before 4.71, when using PostgreSQL, allows remote attackers to execute arbitrary SQL commands via unspecified attack vectors involving binary strings.
2 affected packages
libphp-adodb, moodle
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libphp-adodb | — | — | — | — |
| moodle | — | — | — | — |
jumpto.php in Moodle 1.5.2 allows remote attackers to redirect users to other sites via the jump parameter.
1 affected package
moodle
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| moodle | — | — | — | — |
Multiple SQL injection vulnerabilities in the get_record function in datalib.php in Moodle 1.5.2 allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) category.php and (2) info.php.
1 affected package
moodle
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| moodle | — | — | — | — |
Multiple unknown vulnerabilities in Moodle before 1.5.1 have unknown impact and attack vectors.
1 affected package
moodle
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| moodle | — | — | — | — |