Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mod security mod security 1.9.4 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-1359
Interpretation conflict in ModSecurity (mod_security) 2.1.0 and previous versions allows remote malicious users to bypass request rules via application/x-www-form-urlencoded POST data that contains an ASCIIZ (0x00) byte, which mod_security treats as a terminator even though it is...
Mod Security Mod Security 1.7.1
Mod Security Mod Security 2.1
Mod Security Mod Security 1.7
Mod Security Mod Security 1.7.2
Mod Security Mod Security 1.9.4
Mod Security Mod Security 1.7.5
Mod Security Mod Security 1.7.4
1 EDB exploit
NA
CVE-2010-1615
Multiple SQL injection vulnerabilities in Moodle 1.8.x prior to 1.8.12 and 1.9.x prior to 1.9.8 allow remote malicious users to execute arbitrary SQL commands via vectors related to (1) the add_to_log function in mod/wiki/view.php in the wiki module, or (2) "data validation ...
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.8.8
Moodle Moodle 1.9.6
Moodle Moodle 1.8.2
Moodle Moodle 1.9.2
Moodle Moodle 1.8.6
Moodle Moodle 1.8.5
Moodle Moodle 1.8.3
Moodle Moodle 1.8.9
Moodle Moodle 1.8.7
Moodle Moodle 1.8.10
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.8.11
Moodle Moodle 1.8.4
Moodle Moodle 1.8.1
Moodle Moodle 1.9.7
NA
CVE-2010-1613
Moodle 1.8.x and 1.9.x prior to 1.9.8 does not enable the "Regenerate session id during login" setting by default, which makes it easier for remote malicious users to conduct session fixation attacks.
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.8.8
Moodle Moodle 1.9.6
Moodle Moodle 1.8.2
Moodle Moodle 1.9.2
Moodle Moodle 1.8.6
Moodle Moodle 1.8.5
Moodle Moodle 1.8.3
Moodle Moodle 1.8.9
Moodle Moodle 1.8.7
Moodle Moodle 1.8.10
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.8.11
Moodle Moodle 1.8.4
Moodle Moodle 1.8.1
Moodle Moodle 1.9.7
NA
CVE-2010-1616
Moodle 1.8.x and 1.9.x prior to 1.9.8 can create new roles when restoring a course, which allows teachers to create new accounts even if they do not have the moodle/user:create capability.
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.8.8
Moodle Moodle 1.9.6
Moodle Moodle 1.8.2
Moodle Moodle 1.9.2
Moodle Moodle 1.8.6
Moodle Moodle 1.8.5
Moodle Moodle 1.8.3
Moodle Moodle 1.8.9
Moodle Moodle 1.8.7
Moodle Moodle 1.8.10
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.8.11
Moodle Moodle 1.8.4
Moodle Moodle 1.8.1
Moodle Moodle 1.9.7
NA
CVE-2010-1617
user/view.php in Moodle 1.8.x prior to 1.8.12 and 1.9.x prior to 1.9.8 does not properly check a role, which allows remote authenticated users to obtain the full names of other users via the course profile page.
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.8.8
Moodle Moodle 1.9.6
Moodle Moodle 1.8.2
Moodle Moodle 1.9.2
Moodle Moodle 1.8.6
Moodle Moodle 1.8.5
Moodle Moodle 1.8.3
Moodle Moodle 1.8.9
Moodle Moodle 1.8.7
Moodle Moodle 1.8.10
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.8.11
Moodle Moodle 1.8.4
Moodle Moodle 1.8.1
Moodle Moodle 1.9.7
NA
CVE-2010-1619
Cross-site scripting (XSS) vulnerability in the fix_non_standard_entities function in the KSES HTML text cleaning library (weblib.php), as used in Moodle 1.8.x prior to 1.8.12 and 1.9.x prior to 1.9.8, allows remote malicious users to inject arbitrary web script or HTML via craft...
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.8.8
Moodle Moodle 1.9.6
Moodle Moodle 1.8.2
Moodle Moodle 1.9.2
Moodle Moodle 1.8.6
Moodle Moodle 1.8.5
Moodle Moodle 1.8.3
Moodle Moodle 1.8.9
Moodle Moodle 1.8.7
Moodle Moodle 1.8.10
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.8.11
Moodle Moodle 1.8.4
Moodle Moodle 1.8.1
Moodle Moodle 1.9.7
NA
CVE-2010-1614
Multiple cross-site scripting (XSS) vulnerabilities in Moodle 1.8.x prior to 1.8.12 and 1.9.x prior to 1.9.8 allow remote malicious users to inject arbitrary web script or HTML via vectors related to (1) the Login-As feature or (2) when the global search feature is enabled, unspe...
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.8.8
Moodle Moodle 1.9.6
Moodle Moodle 1.8.2
Moodle Moodle 1.9.2
Moodle Moodle 1.8.6
Moodle Moodle 1.8.5
Moodle Moodle 1.8.3
Moodle Moodle 1.8.9
Moodle Moodle 1.8.7
Moodle Moodle 1.8.10
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.8.11
Moodle Moodle 1.8.4
Moodle Moodle 1.8.1
Moodle Moodle 1.9.7
NA
CVE-2010-1618
Cross-site scripting (XSS) vulnerability in the phpCAS client library prior to 1.1.0, as used in Moodle 1.8.x prior to 1.8.12 and 1.9.x prior to 1.9.8, allows remote malicious users to inject arbitrary web script or HTML via a crafted URL, which is not properly handled in an erro...
Ja-sig Phpcas Client Library 1.0.0
Ja-sig Phpcas Client Library 1.0.1
Moodle Moodle 1.8.1
Moodle Moodle 1.8.2
Moodle Moodle 1.8.3
Moodle Moodle 1.8.4
Moodle Moodle 1.8.5
Moodle Moodle 1.8.6
Moodle Moodle 1.8.7
Moodle Moodle 1.8.8
Moodle Moodle 1.8.9
Moodle Moodle 1.8.10
Moodle Moodle 1.8.11
Moodle Moodle 1.9.1
Moodle Moodle 1.9.2
Moodle Moodle 1.9.3
Moodle Moodle 1.9.4
Moodle Moodle 1.9.5
Moodle Moodle 1.9.6
Moodle Moodle 1.9.7
NA
CVE-2010-2229
Multiple cross-site scripting (XSS) vulnerabilities in blog/index.php in Moodle prior to 1.8.13 and 1.9.x prior to 1.9.9 allow remote malicious users to inject arbitrary web script or HTML via unspecified parameters.
Moodle Moodle 1.5.2
Moodle Moodle 1.8.8
Moodle Moodle 1.6.1
Moodle Moodle 1.8.2
Moodle Moodle 1.2.1
Moodle Moodle 1.4.2
Moodle Moodle 1.6.8
Moodle Moodle 1.6.5
Moodle Moodle 1.3.3
Moodle Moodle 1.4.3
Moodle Moodle
Moodle Moodle 1.4.5
Moodle Moodle 1.7.6
Moodle Moodle 1.6.2
Moodle Moodle 1.8.6
Moodle Moodle 1.7.1
Moodle Moodle 1.8.5
Moodle Moodle 1.8.3
Moodle Moodle 1.3.2
Moodle Moodle 1.8.9
Moodle Moodle 1.8.7
Moodle Moodle 1.8.10
NA
CVE-2010-2228
Cross-site scripting (XSS) vulnerability in the MNET access-control interface in Moodle prior to 1.8.13 and 1.9.x prior to 1.9.9 allows remote malicious users to inject arbitrary web script or HTML via vectors involving extended characters in a username.
Moodle Moodle 1.5.2
Moodle Moodle 1.8.8
Moodle Moodle 1.6.1
Moodle Moodle 1.8.2
Moodle Moodle 1.2.1
Moodle Moodle 1.4.2
Moodle Moodle 1.6.8
Moodle Moodle 1.6.5
Moodle Moodle 1.3.3
Moodle Moodle 1.4.3
Moodle Moodle
Moodle Moodle 1.4.5
Moodle Moodle 1.7.6
Moodle Moodle 1.6.2
Moodle Moodle 1.8.6
Moodle Moodle 1.7.1
Moodle Moodle 1.8.5
Moodle Moodle 1.8.3
Moodle Moodle 1.3.2
Moodle Moodle 1.8.9
Moodle Moodle 1.8.7
Moodle Moodle 1.8.10
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »