Lucene search
Ubuntu.comUB:CVE-2013-5674HistorySep 16, 2013 - 12:00 a.m.
CVE-2013-5674
2013-09-1600:00:00
ubuntu.com
ubuntu.com
13
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.003
Percentile
68.1%
badges/external.php in Moodle 2.5.x before 2.5.2 does not properly handle
an object obtained by unserializing a description of an external badge,
which allows remote attackers to conduct PHP object injection attacks via
unspecified vectors, as demonstrated by overwriting the value of the userid
parameter.
Related
nessus
nessus
Moodle 'external.php' 'badge' Parameter XSS
2013-09-20 00:00:00
packetstorm
packetstorm
Moodle CMS 2.5.0-1 Cross Site Scripting
2013-09-16 00:00:00
nvd
nvd
CVE-2013-5674
2013-09-16 13:02:48
prion
prion
Design/Logic Flaw
2013-09-16 13:02:00
cvelist
cvelist
CVE-2013-5674
2013-09-16 10:00:00
veracode
veracode
Remote Code Execution (RCE) Through Deserialization
2017-07-07 10:32:10
zdt
zdt
Moodle CMS 2.5.0-1 Cross Site Scripting Vulnerability
2013-09-17 00:00:00
cve
cve
CVE-2013-5674
2013-09-16 13:02:48
securityvulns
securityvulns
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.003
Percentile
68.1%
Related for UB:CVE-2013-5674