Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mahara mahara vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2008-5619
html2text.php in Chuggnutt HTML to Text Converter, as used in PHPMailer prior to 5.2.10, RoundCube Webmail (roundcubemail) 0.2-1.alpha and 0.2-3.beta, Mahara, and AtMail Open 1.03, allows remote malicious users to execute arbitrary code via crafted input that is processed by the ...
Roundcube Webmail 0.2.1
Roundcube Webmail 0.2.3
2 EDB exploits
10
CVSSv2
CVE-2008-4796
The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 and previous versions, as used in (1) ampache, (2) libphp-snoopy, (3) mahara, (4) mediamate, (5) opendb, (6) pixelpost, and possibly other products, allows remote malicious users to execute arbitrary commands vi...
Snoopy Project Snoopy
Debian Debian Linux 5.0
Debian Debian Linux 4.0
Nagios Nagios
Wordpress Wordpress
7.5
CVSSv2
CVE-2021-40849
In Mahara prior to 20.04.5, 20.10.3, 21.04.2, and 21.10.0, the account associated with a web services token is vulnerable to being exploited and logged into, resulting in information disclosure (at a minimum) and often escalation of privileges.
Mahara Mahara 21.10.0
Mahara Mahara
7.5
CVSSv2
CVE-2017-1000153
Mahara 15.04 prior to 15.04.10 and 15.10 prior to 15.10.6 and 16.04 prior to 16.04.4 are vulnerable to incorrect access control after the password reset link is sent via email and then user changes default email, Mahara fails to invalidate old link.Consequently the link in email ...
Mahara Mahara 15.04
Mahara Mahara 15.04.9
Mahara Mahara 15.04.8
Mahara Mahara 15.04.7
Mahara Mahara 15.04.6
Mahara Mahara 15.04.5
Mahara Mahara 15.04.4
Mahara Mahara 15.04.3
Mahara Mahara 15.04.2
Mahara Mahara 15.04.1
Mahara Mahara 15.04.0
Mahara Mahara 16.04
Mahara Mahara 16.04.0
Mahara Mahara 16.04.1
Mahara Mahara 16.04.2
Mahara Mahara 16.04.3
Mahara Mahara 15.10.0
Mahara Mahara 15.10.1
Mahara Mahara 15.10.2
Mahara Mahara 15.10.3
Mahara Mahara 15.10.4
Mahara Mahara 15.10.5
7.5
CVSSv2
CVE-2017-1000152
Mahara 15.04 prior to 15.04.7 and 15.10 prior to 15.10.3 running PHP 5.3 are vulnerable to one user being logged in as another user on a separate computer as the same session ID is served. This situation can occur when a user takes an action that forces another user to be logged ...
Mahara Mahara 15.04
Mahara Mahara 15.04.6
Mahara Mahara 15.04.5
Mahara Mahara 15.04.4
Mahara Mahara 15.04.3
Mahara Mahara 15.04.2
Mahara Mahara 15.04.1
Mahara Mahara 15.04.0
Mahara Mahara 15.10.0
Mahara Mahara 15.10.1
Mahara Mahara 15.10.2
7.5
CVSSv2
CVE-2017-1000154
Mahara 15.04 prior to 15.04.8 and 15.10 prior to 15.10.4 and 16.04 prior to 16.04.2 are vulnerable to some authentication methods, which do not use Mahara's built-in login form, still allowing users to log in even if their institution was expired or suspended.
Mahara Mahara 15.04
Mahara Mahara 15.04.7
Mahara Mahara 15.04.6
Mahara Mahara 15.04.5
Mahara Mahara 15.04.4
Mahara Mahara 15.04.3
Mahara Mahara 15.04.2
Mahara Mahara 15.04.1
Mahara Mahara 15.04.0
Mahara Mahara 16.04
Mahara Mahara 16.04.0
Mahara Mahara 16.04.1
Mahara Mahara 15.10.0
Mahara Mahara 15.10.1
Mahara Mahara 15.10.2
Mahara Mahara 15.10.3
7.5
CVSSv2
CVE-2010-1670
Mahara prior to 1.0.15, 1.1.x prior to 1.1.9, and 1.2.x prior to 1.2.5 has improper configuration options for authentication plugins associated with logins that use the single sign-on (SSO) functionality, which allows remote malicious users to bypass authentication via an empty p...
Mahara Mahara 0.9.1
Mahara Mahara 1.0.4
Mahara Mahara 0.9.2
Mahara Mahara 1.0.1
Mahara Mahara 1.0.8
Mahara Mahara 1.0.12
Mahara Mahara 1.0.6
Mahara Mahara 1.0.5
Mahara Mahara
Mahara Mahara 1.0.2
Mahara Mahara 1.0.3
Mahara Mahara 1.0.13
Mahara Mahara 1.0.10
Mahara Mahara 1.0.7
Mahara Mahara 1.0.0
Mahara Mahara 1.0.11
Mahara Mahara 0.9.0
Mahara Mahara 1.1.0
Mahara Mahara 1.1.6
Mahara Mahara 1.1.2
Mahara Mahara 1.1.7
Mahara Mahara 1.1.4
7.5
CVSSv2
CVE-2010-1669
SQL injection vulnerability in Mahara 1.1.x prior to 1.1.9 and 1.2.x prior to 1.2.5 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Mahara Mahara 1.1.0
Mahara Mahara 1.1.6
Mahara Mahara 1.1.2
Mahara Mahara 1.1.7
Mahara Mahara 1.1.4
Mahara Mahara 1.1.1
Mahara Mahara 1.1.8
Mahara Mahara 1.1.3
Mahara Mahara 1.1.5
Mahara Mahara 1.2.0
Mahara Mahara 1.2.3
Mahara Mahara 1.2.1
Mahara Mahara 1.2.4
Mahara Mahara 1.2.2
7.5
CVSSv2
CVE-2010-0400
SQL injection vulnerability in lib/user.php in mahara 1.0.4 allows remote malicious users to execute arbitrary SQL commands via a username.
Mahara Mahara 1.0.4
6.8
CVSSv2
CVE-2022-28892
Mahara prior to 20.10.5, 21.04.4, 21.10.2, and 22.04.0 is vulnerable to Cross Site Request Forgery (CSRF) because randomly generated tokens are too easily guessable.
Mahara Mahara 22.04.0
Mahara Mahara
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »