Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mod security mod security 1.9.4 vulnerabilities and exploits
(subscribe to this query)
685
VMScore
CVE-2007-1359
Interpretation conflict in ModSecurity (mod_security) 2.1.0 and previous versions allows remote malicious users to bypass request rules via application/x-www-form-urlencoded POST data that contains an ASCIIZ (0x00) byte, which mod_security treats as a terminator even though it is...
Mod Security Mod Security 1.7.4
Mod Security Mod Security 1.7.5
Mod Security Mod Security 1.7.1
Mod Security Mod Security 1.7.2
Mod Security Mod Security 1.9.4
Mod Security Mod Security 2.1
Mod Security Mod Security 1.7
1 EDB exploit
668
VMScore
CVE-2010-1615
Multiple SQL injection vulnerabilities in Moodle 1.8.x prior to 1.8.12 and 1.9.x prior to 1.9.8 allow remote malicious users to execute arbitrary SQL commands via vectors related to (1) the add_to_log function in mod/wiki/view.php in the wiki module, or (2) "data validation ...
Moodle Moodle 1.8.6
Moodle Moodle 1.8.5
Moodle Moodle 1.8.11
Moodle Moodle 1.9.4
Moodle Moodle 1.9.3
Moodle Moodle 1.8.4
Moodle Moodle 1.9.5
Moodle Moodle 1.9.2
Moodle Moodle 1.8.8
Moodle Moodle 1.8.2
Moodle Moodle 1.8.1
Moodle Moodle 1.9.1
Moodle Moodle 1.8.7
Moodle Moodle 1.8.9
Moodle Moodle 1.8.3
Moodle Moodle 1.8.10
Moodle Moodle 1.9.6
Moodle Moodle 1.9.7
605
VMScore
CVE-2010-2231
Cross-site request forgery (CSRF) vulnerability in report/overview/report.php in the quiz module in Moodle prior to 1.8.13 and 1.9.x prior to 1.9.9 allows remote malicious users to hijack the authentication of arbitrary users for requests that delete quiz attempts via the attempt...
Moodle Moodle 1.8.8
Moodle Moodle 1.8.7
Moodle Moodle 1.6.5
Moodle Moodle 1.6.4
Moodle Moodle 1.5
Moodle Moodle 1.5.1
Moodle Moodle 1.4.5
Moodle Moodle 1.4.4
Moodle Moodle 1.1.1
Moodle Moodle
Moodle Moodle 1.8.11
Moodle Moodle 1.8.4
Moodle Moodle 1.8.3
Moodle Moodle 1.7.6
Moodle Moodle 1.7.4
Moodle Moodle 1.6.7
Moodle Moodle 1.6.0
Moodle Moodle 1.5.0
Moodle Moodle 1.4.1
Moodle Moodle 1.3.0
Moodle Moodle 1.3.3
Moodle Moodle 1.3.2
605
VMScore
CVE-2010-1613
Moodle 1.8.x and 1.9.x prior to 1.9.8 does not enable the "Regenerate session id during login" setting by default, which makes it easier for remote malicious users to conduct session fixation attacks.
Moodle Moodle 1.8.6
Moodle Moodle 1.8.5
Moodle Moodle 1.8.11
Moodle Moodle 1.9.4
Moodle Moodle 1.8.4
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.9.2
Moodle Moodle 1.8.8
Moodle Moodle 1.8.2
Moodle Moodle 1.8.1
Moodle Moodle 1.9.1
Moodle Moodle 1.8.7
Moodle Moodle 1.8.9
Moodle Moodle 1.8.3
Moodle Moodle 1.8.10
Moodle Moodle 1.9.6
Moodle Moodle 1.9.7
383
VMScore
CVE-2010-2228
Cross-site scripting (XSS) vulnerability in the MNET access-control interface in Moodle prior to 1.8.13 and 1.9.x prior to 1.9.9 allows remote malicious users to inject arbitrary web script or HTML via vectors involving extended characters in a username.
Moodle Moodle 1.1.1
Moodle Moodle 1.2.0
Moodle Moodle 1.4.1
Moodle Moodle 1.4.2
Moodle Moodle 1.5.3
Moodle Moodle 1.5.0
Moodle Moodle 1.6.7
Moodle Moodle 1.6.8
Moodle Moodle 1.2.1
Moodle Moodle 1.3.0
Moodle Moodle 1.4.3
Moodle Moodle 1.4.4
Moodle Moodle 1.6.0
Moodle Moodle 1.6.1
Moodle Moodle 1.7.1
Moodle Moodle 1.8.1
Moodle Moodle 1.8.2
Moodle Moodle 1.8.9
Moodle Moodle 1.8.10
Moodle Moodle 1.3.1
Moodle Moodle 1.3.2
Moodle Moodle 1.4.5
383
VMScore
CVE-2010-2229
Multiple cross-site scripting (XSS) vulnerabilities in blog/index.php in Moodle prior to 1.8.13 and 1.9.x prior to 1.9.9 allow remote malicious users to inject arbitrary web script or HTML via unspecified parameters.
Moodle Moodle 1.8.7
Moodle Moodle 1.8.6
Moodle Moodle 1.7.3
Moodle Moodle 1.6.4
Moodle Moodle 1.6.6
Moodle Moodle 1.5.1
Moodle Moodle 1.5.2
Moodle Moodle 1.4.4
Moodle Moodle 1.3.4
Moodle Moodle 1.8.9
Moodle Moodle 1.8.8
Moodle Moodle 1.8.1
Moodle Moodle 1.6.3
Moodle Moodle 1.6.5
Moodle Moodle 1.6.2
Moodle Moodle 1.5
Moodle Moodle 1.4.2
Moodle Moodle 1.4.5
Moodle Moodle 1.2.0
Moodle Moodle 1.1.1
Moodle Moodle
Moodle Moodle 1.8.5
383
VMScore
CVE-2010-1614
Multiple cross-site scripting (XSS) vulnerabilities in Moodle 1.8.x prior to 1.8.12 and 1.9.x prior to 1.9.8 allow remote malicious users to inject arbitrary web script or HTML via vectors related to (1) the Login-As feature or (2) when the global search feature is enabled, unspe...
Moodle Moodle 1.8.8
Moodle Moodle 1.8.2
Moodle Moodle 1.8.1
Moodle Moodle 1.8.7
Moodle Moodle 1.8.9
Moodle Moodle 1.8.3
Moodle Moodle 1.8.10
Moodle Moodle 1.9.6
Moodle Moodle 1.9.7
Moodle Moodle 1.8.6
Moodle Moodle 1.8.5
Moodle Moodle 1.8.11
Moodle Moodle 1.9.4
Moodle Moodle 1.8.4
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.9.2
Moodle Moodle 1.9.1
383
VMScore
CVE-2010-1618
Cross-site scripting (XSS) vulnerability in the phpCAS client library prior to 1.1.0, as used in Moodle 1.8.x prior to 1.8.12 and 1.9.x prior to 1.9.8, allows remote malicious users to inject arbitrary web script or HTML via a crafted URL, which is not properly handled in an erro...
Ja-sig Phpcas Client Library 1.0.0
Ja-sig Phpcas Client Library 1.0.1
Ja-sig Phpcas Client Library 1.0.0
Ja-sig Phpcas Client Library 1.0.1
Moodle Moodle 1.8.5
Moodle Moodle 1.8.4
Moodle Moodle 1.9.5
Moodle Moodle 1.9.4
Moodle Moodle 1.8.1
Moodle Moodle 1.8.3
Moodle Moodle 1.8.9
Moodle Moodle 1.8.7
Moodle Moodle 1.9.3
Moodle Moodle 1.8.8
Moodle Moodle 1.8.6
Moodle Moodle 1.9.7
Moodle Moodle 1.9.6
Moodle Moodle 1.8.2
Moodle Moodle 1.8.10
Moodle Moodle 1.8.11
Moodle Moodle 1.9.2
Moodle Moodle 1.9.1
383
VMScore
CVE-2010-1619
Cross-site scripting (XSS) vulnerability in the fix_non_standard_entities function in the KSES HTML text cleaning library (weblib.php), as used in Moodle 1.8.x prior to 1.8.12 and 1.9.x prior to 1.9.8, allows remote malicious users to inject arbitrary web script or HTML via craft...
Moodle Moodle 1.8.8
Moodle Moodle 1.8.7
Moodle Moodle 1.8.1
Moodle Moodle 1.8.3
Moodle Moodle 1.9.6
Moodle Moodle 1.8.5
Moodle Moodle 1.8.4
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.8.2
Moodle Moodle 1.9.2
Moodle Moodle 1.9.1
Moodle Moodle 1.8.9
Moodle Moodle 1.8.6
Moodle Moodle 1.8.10
Moodle Moodle 1.8.11
Moodle Moodle 1.9.4
Moodle Moodle 1.9.7
356
VMScore
CVE-2010-2230
The KSES text cleaning filter in lib/weblib.php in Moodle prior to 1.8.13 and 1.9.x prior to 1.9.9 does not properly handle vbscript URIs, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks via HTML input.
Moodle Moodle 1.8.9
Moodle Moodle 1.8.8
Moodle Moodle 1.6.3
Moodle Moodle 1.6.5
Moodle Moodle 1.6.2
Moodle Moodle 1.5
Moodle Moodle 1.5.1
Moodle Moodle 1.4.5
Moodle Moodle 1.4.4
Moodle Moodle 1.2.0
Moodle Moodle 1.1.1
Moodle Moodle
Moodle Moodle 1.8.4
Moodle Moodle 1.8.3
Moodle Moodle 1.7.6
Moodle Moodle 1.7.4
Moodle Moodle 1.6.8
Moodle Moodle 1.6.7
Moodle Moodle 1.5.0
Moodle Moodle 1.4.1
Moodle Moodle 1.3.0
Moodle Moodle 1.3.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »