Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mahara mahara 15.04 vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2017-1000138
Mahara 1.10 prior to 1.10.0 and 15.04 prior to 15.04.0 are vulnerable to possible cross site scripting when dragging/dropping files into a collection if the file has Javascript code in its title.
Mahara Mahara 1.10
Mahara Mahara 15.04
3.5
CVSSv2
CVE-2017-1000137
Mahara 1.10 prior to 1.10.0 and 15.04 prior to 15.04.0 are vulnerable to possible cross site scripting when adding a text block to a page via the keyboard (rather than drag and drop).
Mahara Mahara 1.10
Mahara Mahara 15.04
6.5
CVSSv2
CVE-2017-1000150
Mahara 15.04 prior to 15.04.7 and 15.10 prior to 15.10.3 are vulnerable to prevent session IDs from being regenerated on login or logout. This makes users of the site more vulnerable to session fixation attacks.
Mahara Mahara 15.04.4
Mahara Mahara 15.04
Mahara Mahara 15.04.0
Mahara Mahara 15.04.1
Mahara Mahara 15.04.2
Mahara Mahara 15.04.6
Mahara Mahara 15.04.3
Mahara Mahara 15.04.5
Mahara Mahara 15.10.0
Mahara Mahara 15.10.1
Mahara Mahara 15.10.2
7.5
CVSSv2
CVE-2017-1000152
Mahara 15.04 prior to 15.04.7 and 15.10 prior to 15.10.3 running PHP 5.3 are vulnerable to one user being logged in as another user on a separate computer as the same session ID is served. This situation can occur when a user takes an action that forces another user to be logged ...
Mahara Mahara 15.04
Mahara Mahara 15.04.0
Mahara Mahara 15.04.5
Mahara Mahara 15.04.1
Mahara Mahara 15.04.2
Mahara Mahara 15.04.3
Mahara Mahara 15.04.4
Mahara Mahara 15.04.6
Mahara Mahara 15.10.1
Mahara Mahara 15.10.2
Mahara Mahara 15.10.0
3.5
CVSSv2
CVE-2017-1000144
Mahara 1.9 prior to 1.9.6 and 1.10 prior to 1.10.4 and 15.04 prior to 15.04.1 are vulnerable to a site admin or institution admin being able to place HTML and Javascript into an institution display name, which will be displayed to other users unescaped on some Mahara system pages...
Mahara Mahara 1.9.3
Mahara Mahara 1.9
Mahara Mahara 1.9.4
Mahara Mahara 1.9.5
Mahara Mahara 1.9.1
Mahara Mahara 1.9.2
Mahara Mahara 1.9.0
Mahara Mahara 1.10.1
Mahara Mahara 1.10.2
Mahara Mahara 1.10.3
Mahara Mahara 1.10
Mahara Mahara 1.10.0
Mahara Mahara 15.04
Mahara Mahara 15.04.0
6.5
CVSSv2
CVE-2017-1000134
Mahara 1.8 prior to 1.8.6 and 1.9 prior to 1.9.4 and 1.10 prior to 1.10.1 and 15.04 prior to 15.04.0 are vulnerable because group members can lose access to the group files they uploaded if another group member changes the access permissions on them.
Mahara Mahara 1.8.1
Mahara Mahara 1.8.2
Mahara Mahara 1.8.3
Mahara Mahara 1.8.4
Mahara Mahara 1.8.5
Mahara Mahara 1.8
Mahara Mahara 1.8.0
Mahara Mahara 1.9
Mahara Mahara 1.9.1
Mahara Mahara 1.9.2
Mahara Mahara 1.9.3
Mahara Mahara 1.9.0
Mahara Mahara 1.10
Mahara Mahara 1.10.0
Mahara Mahara 15.04
4.3
CVSSv2
CVE-2017-1000136
Mahara 1.8 prior to 1.8.6 and 1.9 prior to 1.9.4 and 1.10 prior to 1.10.1 and 15.04 prior to 15.04.0 are vulnerable to old sessions not being invalidated after a password change.
Mahara Mahara 1.8.5
Mahara Mahara 1.8.0
Mahara Mahara 1.8
Mahara Mahara 1.8.2
Mahara Mahara 1.8.4
Mahara Mahara 1.8.1
Mahara Mahara 1.8.3
Mahara Mahara 1.9
Mahara Mahara 1.9.2
Mahara Mahara 1.9.0
Mahara Mahara 1.9.1
Mahara Mahara 1.9.3
Mahara Mahara 1.10
Mahara Mahara 1.10.0
Mahara Mahara 15.04
4
CVSSv2
CVE-2017-1000131
Mahara 15.04 prior to 15.04.8 and 15.10 prior to 15.10.4 and 16.04 prior to 16.04.2 are vulnerable to users staying logged in to their Mahara account even when they have been logged out of Moodle (when using MNet) as Mahara did not properly implement one of the MNet SSO API funct...
Mahara Mahara 15.04
Mahara Mahara 15.04.6
Mahara Mahara 15.04.7
Mahara Mahara 15.04.3
Mahara Mahara 15.04.5
Mahara Mahara 15.04.0
Mahara Mahara 15.04.1
Mahara Mahara 15.04.2
Mahara Mahara 15.04.4
Mahara Mahara 16.04
Mahara Mahara 16.04.1
Mahara Mahara 16.04.0
Mahara Mahara 15.10.0
Mahara Mahara 15.10.1
Mahara Mahara 15.10.2
Mahara Mahara 15.10.3
5
CVSSv2
CVE-2017-1000133
Mahara 15.04 prior to 15.04.8 and 15.10 prior to 15.10.4 and 16.04 prior to 16.04.2 are vulnerable to a user - in some circumstances causing another user's artefacts to be included in a Leap2a export of their own pages.
Mahara Mahara 15.04.0
Mahara Mahara 15.04.2
Mahara Mahara 15.04.3
Mahara Mahara 15.04.4
Mahara Mahara 15.04.5
Mahara Mahara 15.04.6
Mahara Mahara 15.04.7
Mahara Mahara 15.04
Mahara Mahara 15.04.1
Mahara Mahara 16.04
Mahara Mahara 16.04.0
Mahara Mahara 16.04.1
Mahara Mahara 15.10.2
Mahara Mahara 15.10.0
Mahara Mahara 15.10.1
Mahara Mahara 15.10.3
6.5
CVSSv2
CVE-2017-1000148
Mahara 15.04 prior to 15.04.8 and 15.10 prior to 15.10.4 and 16.04 prior to 16.04.2 are vulnerable to PHP code execution as Mahara would pass portions of the XML through the PHP "unserialize()" function when importing a skin from an XML file.
Mahara Mahara 15.04.2
Mahara Mahara 15.04.3
Mahara Mahara 15.04.4
Mahara Mahara 15.04.5
Mahara Mahara 15.04
Mahara Mahara 15.04.1
Mahara Mahara 15.04.6
Mahara Mahara 15.04.0
Mahara Mahara 15.04.7
Mahara Mahara 16.04
Mahara Mahara 16.04.0
Mahara Mahara 16.04.1
Mahara Mahara 15.10.1
Mahara Mahara 15.10.3
Mahara Mahara 15.10.0
Mahara Mahara 15.10.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »