Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mahara mahara vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-6182
Mahara 16.10 prior to 16.10.9 and 17.04 prior to 17.04.7 and 17.10 prior to 17.10.4 are vulnerable to bad input when TinyMCE is bypassed by POST packages. Therefore, Mahara should not rely on TinyMCE's code stripping alone but also clean input on the server / PHP side as one...
Mahara Mahara
4.3
CVSSv2
CVE-2017-17455
Mahara 16.10 prior to 16.10.7, 17.04 prior to 17.04.5, and 17.10 prior to 17.10.2 are vulnerable to being forced, via a man-in-the-middle attack, to interact with Mahara on the HTTP protocol rather than HTTPS even when an SSL certificate is present.
Mahara Mahara
4.3
CVSSv2
CVE-2017-1000136
Mahara 1.8 prior to 1.8.6 and 1.9 prior to 1.9.4 and 1.10 prior to 1.10.1 and 15.04 prior to 15.04.0 are vulnerable to old sessions not being invalidated after a password change.
Mahara Mahara 1.8.1
Mahara Mahara 1.8.2
Mahara Mahara 1.8.3
Mahara Mahara 1.8.4
Mahara Mahara 1.8.5
Mahara Mahara 1.8.0
Mahara Mahara 1.8
Mahara Mahara 1.9.1
Mahara Mahara 1.9.2
Mahara Mahara 1.9.3
Mahara Mahara 1.9.0
Mahara Mahara 1.9
Mahara Mahara 1.10.0
Mahara Mahara 1.10
Mahara Mahara 15.04
4.3
CVSSv2
CVE-2017-9551
Mahara 15.04 prior to 15.04.14 and 16.04 prior to 16.04.8 and 16.10 prior to 16.10.5 and 17.04 prior to 17.04.3 are vulnerable to a user submitting potential dangerous payload, e.g. XSS code, to be saved as their name in the usr_registration table. The values are then emailed to ...
Mahara Mahara 15.04
Mahara Mahara 15.04.13
Mahara Mahara 15.04.12
Mahara Mahara 15.04.11
Mahara Mahara 15.04.10
Mahara Mahara 15.04.9
Mahara Mahara 15.04.8
Mahara Mahara 15.04.7
Mahara Mahara 15.04.6
Mahara Mahara 15.04.5
Mahara Mahara 15.04.4
Mahara Mahara 15.04.3
Mahara Mahara 15.04.2
Mahara Mahara 15.04.1
Mahara Mahara 15.04.0
Mahara Mahara 16.04
Mahara Mahara 16.04.0
Mahara Mahara 16.04.1
Mahara Mahara 16.04.2
Mahara Mahara 16.04.3
Mahara Mahara 16.04.4
Mahara Mahara 16.04.5
4.3
CVSSv2
CVE-2013-4430
Cross-site scripting (XSS) vulnerability in Mahara prior to 1.5.12, 1.6.x prior to 1.6.7, and 1.7.x prior to 1.7.3 allows remote malicious users to inject arbitrary web script or HTML via the Host header to lib/web.php.
Mahara Mahara 1.7.0
Mahara Mahara 1.7.2
Mahara Mahara 1.7.1
Mahara Mahara 1.7.
Mahara Mahara 1.6.5
Mahara Mahara 1.6.0
Mahara Mahara 1.6.2
Mahara Mahara 1.6.1
Mahara Mahara 1.6.4
Mahara Mahara 1.6.3
Mahara Mahara 1.6.6
Mahara Mahara 1.5.4
Mahara Mahara
Mahara Mahara 1.5
Mahara Mahara 1.5.2
Mahara Mahara 1.5.9
Mahara Mahara 1.5.7
Mahara Mahara 1.5.8
Mahara Mahara 1.5.10
Mahara Mahara 1.5.3
Mahara Mahara 1.5.0
Mahara Mahara 1.5.1
4.3
CVSSv2
CVE-2012-2243
Cross-site scripting (XSS) vulnerability in Mahara 1.4.x prior to 1.4.5 and 1.5.x prior to 1.5.4 allows remote malicious users to inject arbitrary web script or HTML by uploading an XML file with the xhtml extension, which is rendered inline as script. NOTE: this can be leveraged...
Mahara Mahara 1.4
Mahara Mahara 1.4.0
Mahara Mahara 1.4.2
Mahara Mahara 1.4.4
Mahara Mahara 1.4.3
Mahara Mahara 1.4.1
Mahara Mahara 1.5
Mahara Mahara 1.5.2
Mahara Mahara 1.5.3
Mahara Mahara 1.5.0
Mahara Mahara 1.5.1
4.3
CVSSv2
CVE-2012-6037
Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.4.x prior to 1.4.5 and 1.5.x prior to 1.5.4, and other versions including 1.2, allow remote malicious users to inject arbitrary web script or HTML via a CSV header with "unknown fields," which are not prope...
Mahara Mahara 1.4
Mahara Mahara 1.4.0
Mahara Mahara 1.4.2
Mahara Mahara 1.4.4
Mahara Mahara 1.4.3
Mahara Mahara 1.4.1
Mahara Mahara 1.5
Mahara Mahara 1.5.2
Mahara Mahara 1.5.3
Mahara Mahara 1.5.0
Mahara Mahara 1.5.1
4.3
CVSSv2
CVE-2012-2247
Cross-site scripting (XSS) vulnerability in Mahara 1.4.x prior to 1.4.5 and 1.5.x prior to 1.5.4 allows remote malicious users to inject arbitrary web script or HTML via vectors related to artefact/file/ and a crafted SVG file.
Mahara Mahara 1.4
Mahara Mahara 1.4.0
Mahara Mahara 1.4.2
Mahara Mahara 1.4.4
Mahara Mahara 1.4.3
Mahara Mahara 1.4.1
Mahara Mahara 1.5
Mahara Mahara 1.5.2
Mahara Mahara 1.5.3
Mahara Mahara 1.5.0
Mahara Mahara 1.5.1
4.3
CVSSv2
CVE-2012-2253
Cross-site scripting (XSS) vulnerability in group/members.php in Mahara 1.5.x prior to 1.5.7 and 1.6.x prior to 1.6.2 allows remote malicious users to inject arbitrary web script or HTML via the query parameter.
Mahara Mahara 1.5.4
Mahara Mahara 1.5
Mahara Mahara 1.5.2
Mahara Mahara 1.5.3
Mahara Mahara 1.5.0
Mahara Mahara 1.5.1
Mahara Mahara 1.5.6
Mahara Mahara 1.6.0
Mahara Mahara 1.6.1
4.3
CVSSv2
CVE-2011-2771
Multiple cross-site scripting (XSS) vulnerabilities in Mahara prior to 1.4.1 allow remote malicious users to inject arbitrary web script or HTML via vectors related to (1) URI attributes and (2) the External Feed component, as demonstrated by the guid element in an RSS feed.
Mahara Mahara 1.1.0
Mahara Mahara 1.1.6
Mahara Mahara 1.2.0
Mahara Mahara 0.9.1
Mahara Mahara 1.1.2
Mahara Mahara 1.2.3
Mahara Mahara 1.0.4
Mahara Mahara 1.1.7
Mahara Mahara 1.2.1
Mahara Mahara 1.3.2
Mahara Mahara 0.9.2
Mahara Mahara 1.4
Mahara Mahara 1.0.1
Mahara Mahara 1.0.8
Mahara Mahara 1.0.12
Mahara Mahara 1.0.15
Mahara Mahara 1.0.6
Mahara Mahara 1.3.0
Mahara Mahara 1.0.9
Mahara Mahara 1.1.9
Mahara Mahara 1.0.5
Mahara Mahara 1.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »