Open Bugtraq


2017-01-20


The latest CVEs

2017-01-20
CVE-2016-10143 TIKI Tikiwiki cms/groupware
A vulnerability in Tiki Wiki CMS 15.2 could allow a remote attacker to read arbitrary files on a targeted system via a crafted pathname in a banner URL field.

CVE-2016-5012 Moodle Moodle
In Moodle 3.x, glossary search displays entries without checking user permissions to view them.

CVE-2016-5013 Moodle Moodle
In Moodle 2.x and 3.x, text injection can occur in email headers, potentially leading to outbound spam.

CVE-2016-5014 Moodle Moodle
In Moodle 2.x and 3.x, an unenrolled user still receives event monitor notifications even though they can no longer access the course.

CVE-2016-7038 Moodle Moodle
In Moodle 2.x and 3.x, web service tokens are not invalidated when the user password is changed or forced to be changed.

CVE-2016-8642 Moodle Moodle
In Moodle 2.x and 3.x, the question engine allows access to files that should not be available.

CVE-2016-8643 Moodle Moodle
In Moodle 2.x and 3.x, non-admin site managers may accidentally edit admins via web services.

CVE-2016-8644 Moodle Moodle
In Moodle 2.x and 3.x, the capability to view course notes is checked in the wrong context.

CVE-2017-2576 Moodle Moodle
In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums.

CVE-2017-2578 Moodle Moodle
In Moodle 3.x, there is XSS in the assignment submission page.


Dorks


2017-01-20
Low
Ashiyane Digital Security ...
Med.
Ormazd
Med.
Ashiyane Digital Security ...
Med.
Ashiyane Digital Security ...
Med.
cyber-arme

Copyright 2017, cxsecurity.com