This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/a:mahara:mahara:1.3.0 |
| Detail | |||
|---|---|---|---|
| Vendor | Mahara | First view | 2010-11-09 |
| Product | Mahara | Last view | 2012-07-12 |
| Version | 1.3.0 | Type | Application |
| Edition | |||
| Language | |||
| Update | |||
| CPE Product | cpe:/a:mahara:mahara | ||
Activity : Yearly
Related : CVE
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 5 | 2012-07-12 | CVE-2012-2351 | Network | Low | None Requ... | |
| 6 | 2011-11-14 | CVE-2011-4118 | Network | Medium | Requires ... | |
| 4 | 2011-11-14 | CVE-2011-2774 | Network | Low | Requires ... | |
| 6.8 | 2011-11-14 | CVE-2011-2773 | Network | Medium | None Requ... | |
| 5 | 2011-11-14 | CVE-2011-2772 | Network | Low | None Requ... | |
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 4.3 | 2011-11-14 | CVE-2011-2771 | Network | Medium | None Requ... | |
| 4.3 | 2011-05-13 | CVE-2011-1406 | Network | Medium | None Requ... | |
| 3.5 | 2011-05-13 | CVE-2011-1405 | Network | Medium | Requires ... | |
| 4 | 2011-05-13 | CVE-2011-1404 | Network | Low | Requires ... | |
| 6.8 | 2011-05-13 | CVE-2011-1403 | Network | Medium | None Requ... | |
| 6.5 | 2011-05-13 | CVE-2011-1402 | Network | Low | Requires ... | |
| 5.8 | 2011-03-28 | CVE-2011-0440 | Network | Medium | None Requ... | |
| 4.3 | 2011-03-28 | CVE-2011-0439 | Network | Medium | None Requ... | |
| 4.3 | 2010-11-09 | CVE-2010-3871 | Network | Medium | None Requ... |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 28% (4) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 21% (3) | CWE-352 | Cross-Site Request Forgery (CSRF) |
| 21% (3) | CWE-264 | Permissions, Privileges, and Access Controls |
| 14% (2) | CWE-16 | Configuration |
| 7% (1) | CWE-200 | Information Exposure |
| % | id | Name |
|---|---|---|
| 7% (1) | CWE-20 | Improper Input Validation |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 77207 | Mahara MNet XMLRPC Jump Remote Privilege Escalation |
| 76920 | Mahara Reply to Message Functionality replyto Parameter Remote Private Messag... |
| 76919 | Mahara admin/users/addtoinstitution.php User Institution Manipulation CSRF |
| 76918 | Mahara Overly Large Image Handling Remote DoS |
| 76917 | Mahara External Feed Block Unspecified XSS |
| id | Description |
|---|---|
| 73458 | Mahara wwwroot https URL Parsing Credential Disclosure |
| 73457 | Mahara HTML Email Message XSS |
| 73456 | Mahara Multiple Script AJAX Call Parsing Information Disclosure |
| 73455 | Mahara Admin User Addition CSRF |
| 73454 | Mahara Multiple Script Access Restriction Bypass |
| 72155 | Mahara Pieform Select Box XSS |
| 72154 | Mahara Blog Post Deletion CSRF |
| 69111 | Mahara blocktype/groupviews/theme/raw/groupviews.tpl Unspecified Parameter XSS |
