This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:mahara:mahara:1.1
Detail
VendorMaharaFirst view 2009-06-23
ProductMaharaLast view 2012-07-12
Version1.1TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:mahara:mahara

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
52012-07-12CVE-2012-2351NetworkLowNone Requ...
62011-11-14CVE-2011-4118NetworkMediumRequires ...
6.82011-11-14CVE-2011-2773NetworkMediumNone Requ...
52011-11-14CVE-2011-2772NetworkLowNone Requ...
4.32011-11-14CVE-2011-2771NetworkMediumNone Requ...
Hide | Show 8 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
4.32011-05-13CVE-2011-1406NetworkMediumNone Requ...
3.52011-05-13CVE-2011-1405NetworkMediumRequires ...
42011-05-13CVE-2011-1404NetworkLowRequires ...
6.82011-05-13CVE-2011-1403NetworkMediumNone Requ...
6.52011-05-13CVE-2011-1402NetworkLowRequires ...
4.32010-11-09CVE-2010-3871NetworkMediumNone Requ...
42009-06-23CVE-2009-2171NetworkLowRequires ...
4.32009-06-23CVE-2009-2170NetworkMediumNone Requ...

CWE : Common Weakness Enumeration

%idName
30% (4)CWE-264Permissions, Privileges, and Access Controls
30% (4)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
15% (2)CWE-352Cross-Site Request Forgery (CSRF)
15% (2)CWE-16Configuration
7% (1)CWE-20Improper Input Validation

Open Source Vulnerability Database (OSVDB)

idDescription
77207Mahara MNet XMLRPC Jump Remote Privilege Escalation
76919Mahara admin/users/addtoinstitution.php User Institution Manipulation CSRF
76918Mahara Overly Large Image Handling Remote DoS
76917Mahara External Feed Block Unspecified XSS
73458Mahara wwwroot https URL Parsing Credential Disclosure
Hide | Show 7 More...
idDescription
73457Mahara HTML Email Message XSS
73456Mahara Multiple Script AJAX Call Parsing Information Disclosure
73455Mahara Admin User Addition CSRF
73454Mahara Multiple Script Access Restriction Bypass
69111Mahara blocktype/groupviews/theme/raw/groupviews.tpl Unspecified Parameter XSS
55277Mahara Artefact Permission Weakness Restriction Bypass
55276Mahara Unspecified XSS

OpenVAS Exploits

idDescription
2012-05-31Name : Debian Security Advisory DSA 2467-1 (mahara)
File : nvt/deb_2467_1.nasl
2012-02-11Name : Debian Security Advisory DSA 2334-1 (mahara)
File : nvt/deb_2334_1.nasl
2011-08-03Name : Debian Security Advisory DSA 2246-1 (mahara)
File : nvt/deb_2246_1.nasl
2011-05-23Name : Mahara Multiple Remote Vulnerabilities
File : nvt/gb_mahara_mult_vuln.nasl
2010-11-09Name : Mahara 'groupviews.tpl' Cross Site Scripting Vulnerability
File : nvt/gb_mahara_44705.nasl
Hide | Show 2 More...
idDescription
2009-06-26Name : Mahara Information Disclosure Vulnerability
File : nvt/secpod_mahara_info_disc_vuln.nasl
2009-06-26Name : Mahara Cross-Site Scripting Vulnerability
File : nvt/secpod_mahara_xss_vuln.nasl

Nessus® Vulnerability Scanner

idDescription
2012-05-10Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2467.nasl - Type : ACT_GATHER_INFO
2011-11-07Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2334.nasl - Type : ACT_GATHER_INFO
2011-06-10Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2246.nasl - Type : ACT_GATHER_INFO
2009-06-24Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1822.nasl - Type : ACT_GATHER_INFO