This CPE summary could be partial or incomplete. Please contact us for a detailed listing.


CPE Namecpe:/a:mahara:mahara:1.0.15
VendorMaharaFirst view 2010-11-09
ProductMaharaLast view 2012-07-12
CPE Productcpe:/a:mahara:mahara

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
5 2012-07-12 CVE-2012-2351 Network Low None Requ...
6 2011-11-14 CVE-2011-4118 Network Medium Requires ...
6.8 2011-11-14 CVE-2011-2773 Network Medium None Requ...
5 2011-11-14 CVE-2011-2772 Network Low None Requ...
4.3 2011-11-14 CVE-2011-2771 Network Medium None Requ...
Hide | Show 6 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
4.3 2011-05-13 CVE-2011-1406 Network Medium None Requ...
3.5 2011-05-13 CVE-2011-1405 Network Medium Requires ...
4 2011-05-13 CVE-2011-1404 Network Low Requires ...
6.8 2011-05-13 CVE-2011-1403 Network Medium None Requ...
6.5 2011-05-13 CVE-2011-1402 Network Low Requires ...
4.3 2010-11-09 CVE-2010-3871 Network Medium None Requ...

CWE : Common Weakness Enumeration

27% (3)CWE-264Permissions, Privileges, and Access Controls
27% (3)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
18% (2)CWE-352Cross-Site Request Forgery (CSRF)
18% (2)CWE-16Configuration
9% (1)CWE-20Improper Input Validation

Oval Markup Language : Definitions

oval:org.mitre.oval:def:13046DSA-2246-1 mahara -- several vulnerabilities
oval:org.mitre.oval:def:15228DSA-2334-1 mahara -- several
oval:org.mitre.oval:def:18492DSA-2467-1 mahara - insecure defaults

Open Source Vulnerability Database (OSVDB)

77207Mahara MNet XMLRPC Jump Remote Privilege Escalation
76919Mahara admin/users/addtoinstitution.php User Institution Manipulation CSRF
76918Mahara Overly Large Image Handling Remote DoS
76917Mahara External Feed Block Unspecified XSS
73458Mahara wwwroot https URL Parsing Credential Disclosure
Hide | Show 5 More...
73457Mahara HTML Email Message XSS
73456Mahara Multiple Script AJAX Call Parsing Information Disclosure
73455Mahara Admin User Addition CSRF
73454Mahara Multiple Script Access Restriction Bypass
69111Mahara blocktype/groupviews/theme/raw/groupviews.tpl Unspecified Parameter XSS

OpenVAS Exploits

2012-05-31Name : Debian Security Advisory DSA 2467-1 (mahara)
File : nvt/deb_2467_1.nasl
2012-02-11Name : Debian Security Advisory DSA 2334-1 (mahara)
File : nvt/deb_2334_1.nasl
2011-08-03Name : Debian Security Advisory DSA 2246-1 (mahara)
File : nvt/deb_2246_1.nasl
2011-05-23Name : Mahara Multiple Remote Vulnerabilities
File : nvt/gb_mahara_mult_vuln.nasl
2010-11-09Name : Mahara 'groupviews.tpl' Cross Site Scripting Vulnerability
File : nvt/gb_mahara_44705.nasl

Nessus® Vulnerability Scanner

2012-05-10Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2467.nasl - Type : ACT_GATHER_INFO
2011-11-07Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2334.nasl - Type : ACT_GATHER_INFO
2011-06-10Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2246.nasl - Type : ACT_GATHER_INFO