This CPE summary could be partial or incomplete. Please contact us for a detailed listing.


CPE Namecpe:/a:mahara:mahara:0.9.1
VendorMaharaFirst view 2009-02-09
ProductMaharaLast view2014-05-19
CPE Productcpe:/a:mahara:mahara

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
42014-05-19CVE-2013-4432NetworkLowRequires ...
5.52014-05-19CVE-2013-4431NetworkLowRequires ...
4.32014-05-19CVE-2013-4430NetworkMediumNone Requ...
42014-05-19CVE-2013-4429NetworkLowRequires ...
52012-07-12CVE-2012-2351NetworkLowNone Requ...
Hide | Show 17 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
62011-11-14CVE-2011-4118NetworkMediumRequires ...
6.82011-11-14CVE-2011-2773NetworkMediumNone Requ...
52011-11-14CVE-2011-2772NetworkLowNone Requ...
4.32011-11-14CVE-2011-2771NetworkMediumNone Requ...
4.32011-05-13CVE-2011-1406NetworkMediumNone Requ...
3.52011-05-13CVE-2011-1405NetworkMediumRequires ...
42011-05-13CVE-2011-1404NetworkLowRequires ...
6.82011-05-13CVE-2011-1403NetworkMediumNone Requ...
6.52011-05-13CVE-2011-1402NetworkLowRequires ...
4.32010-11-09CVE-2010-3871NetworkMediumNone Requ...
4.32010-07-06CVE-2010-2479NetworkMediumNone Requ...
7.52010-07-06CVE-2010-1670NetworkLowNone Requ...
6.82010-07-06CVE-2010-1668NetworkMediumNone Requ...
4.32010-07-06CVE-2010-1667NetworkMediumNone Requ...
4.32009-11-03CVE-2009-3299NetworkMediumNone Requ...
6.52009-11-03CVE-2009-3298NetworkLowRequires ...
4.32009-02-09CVE-2009-0487NetworkMediumNone Requ...

CWE : Common Weakness Enumeration

33% (8)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
29% (7)CWE-264Permissions, Privileges, and Access Controls
12% (3)CWE-352Cross-Site Request Forgery (CSRF)
8% (2)CWE-287Improper Authentication
8% (2)CWE-16Configuration
Hide | Show 2 More...
4% (1)CWE-284Access Control (Authorization) Issues
4% (1)CWE-20Improper Input Validation

Oval Markup Language : Definitions

oval:org.mitre.oval:def:13104DSA-2067-1 mahara -- several
oval:org.mitre.oval:def:11886DSA-2067 mahara -- several vulnerabilities
oval:org.mitre.oval:def:13046DSA-2246-1 mahara -- several vulnerabilities
oval:org.mitre.oval:def:15228DSA-2334-1 mahara -- several
oval:org.mitre.oval:def:8182DSA-1924 mahara -- several vulnerabilities
Hide | Show 2 More...
oval:org.mitre.oval:def:13448DSA-1924-1 mahara -- several vulnerabilities
oval:org.mitre.oval:def:18492DSA-2467-1 mahara - insecure defaults

Open Source Vulnerability Database (OSVDB)

77207Mahara MNet XMLRPC Jump Remote Privilege Escalation
76919Mahara admin/users/addtoinstitution.php User Institution Manipulation CSRF
76918Mahara Overly Large Image Handling Remote DoS
76917Mahara External Feed Block Unspecified XSS
73458Mahara wwwroot https URL Parsing Credential Disclosure
Hide | Show 12 More...
73457Mahara HTML Email Message XSS
73456Mahara Multiple Script AJAX Call Parsing Information Disclosure
73455Mahara Admin User Addition CSRF
73454Mahara Multiple Script Access Restriction Bypass
69111Mahara blocktype/groupviews/theme/raw/groupviews.tpl Unspecified Parameter XSS
66062Mahara Single Sign-on Authentication Plugin Null Password Authentication Bypass
66060Mahara Multiple Unspecified CSRF
66059Mahara Multiple Unspecified XSS
64113HTML Purifier Unspecified XSS
59584Mahara Site Admin Password Reset Remote Privilege Escalation
59583Mahara Resume Blocktype XSS
51812Mahara Forum Posts Unspecified XSS

OpenVAS Exploits

2012-05-31Name : Debian Security Advisory DSA 2467-1 (mahara)
File : nvt/deb_2467_1.nasl
2012-02-11Name : Debian Security Advisory DSA 2334-1 (mahara)
File : nvt/deb_2334_1.nasl
2011-08-03Name : Debian Security Advisory DSA 2246-1 (mahara)
File : nvt/deb_2246_1.nasl
2011-05-23Name : Mahara Multiple Remote Vulnerabilities
File : nvt/gb_mahara_mult_vuln.nasl
2010-12-02Name : Fedora Update for moodle FEDORA-2010-13396
File : nvt/gb_fedora_2010_13396_moodle_fc14.nasl
Hide | Show 6 More...
2010-11-09Name : Mahara 'groupviews.tpl' Cross Site Scripting Vulnerability
File : nvt/gb_mahara_44705.nasl
2010-08-24Name : Fedora Update for moodle FEDORA-2010-13250
File : nvt/gb_fedora_2010_13250_moodle_fc13.nasl
2010-08-24Name : Fedora Update for moodle FEDORA-2010-13254
File : nvt/gb_fedora_2010_13254_moodle_fc12.nasl
2010-07-05Name : Mahara Multiple Remote Vulnerabilities
File : nvt/gb_mahara_41319.nasl
2009-11-11Name : Debian Security Advisory DSA 1924-1 (mahara)
File : nvt/deb_1924_1.nasl
2009-11-04Name : Mahara Multiple vulnerabilities
File : nvt/mahara_multiple_vuln.nasl

Nessus® Vulnerability Scanner

2012-05-10Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2467.nasl - Type : ACT_GATHER_INFO
2011-11-07Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2334.nasl - Type : ACT_GATHER_INFO
2011-06-10Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2246.nasl - Type : ACT_GATHER_INFO
2010-08-24Name : The remote Fedora host is missing a security update.
File : fedora_2010-13396.nasl - Type : ACT_GATHER_INFO
2010-08-23Name : The remote Fedora host is missing a security update.
File : fedora_2010-13250.nasl - Type : ACT_GATHER_INFO
Hide | Show 3 More...
2010-08-23Name : The remote Fedora host is missing a security update.
File : fedora_2010-13254.nasl - Type : ACT_GATHER_INFO
2010-07-05Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2067.nasl - Type : ACT_GATHER_INFO
2010-02-24Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1924.nasl - Type : ACT_GATHER_INFO