Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 1.7.1 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-1429
Multiple PHP remote file inclusion vulnerabilities in Moodle 1.7.1 allow remote malicious users to execute arbitrary PHP code via a URL in the cmd parameter to (1) admin/utfdbmigrate.php or (2) filter.php.
Moodle Moodle 1.7.1
6.8
CVSSv2
CVE-2013-4524
Directory traversal vulnerability in repository/filesystem/lib.php in Moodle up to and including 2.2.11, 2.3.x prior to 2.3.10, 2.4.x prior to 2.4.7, and 2.5.x prior to 2.5.3 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a path.
Moodle Moodle 2.5.1
Moodle Moodle 2.4.2
Moodle Moodle 2.4.4
Moodle Moodle 2.3.4
Moodle Moodle 2.3.6
Moodle Moodle 2.2.5
Moodle Moodle 2.2.3
Moodle Moodle 2.2.0
Moodle Moodle 2.1.8
Moodle Moodle 2.1.10
Moodle Moodle 2.1.0
Moodle Moodle 2.0.3
Moodle Moodle 2.0.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.4
Moodle Moodle 1.9.14
Moodle Moodle 1.9.12
Moodle Moodle 1.8.7
Moodle Moodle 1.8.5
Moodle Moodle 1.8.13
Moodle Moodle 1.8.11
Moodle Moodle 1.7.3
6.8
CVSSv2
CVE-2010-2231
Cross-site request forgery (CSRF) vulnerability in report/overview/report.php in the quiz module in Moodle prior to 1.8.13 and 1.9.x prior to 1.9.9 allows remote malicious users to hijack the authentication of arbitrary users for requests that delete quiz attempts via the attempt...
Moodle Moodle 1.8.8
Moodle Moodle 1.8.7
Moodle Moodle 1.6.5
Moodle Moodle 1.6.4
Moodle Moodle 1.5
Moodle Moodle 1.5.1
Moodle Moodle 1.4.5
Moodle Moodle 1.4.4
Moodle Moodle 1.1.1
Moodle Moodle
Moodle Moodle 1.8.11
Moodle Moodle 1.8.4
Moodle Moodle 1.8.3
Moodle Moodle 1.7.6
Moodle Moodle 1.7.4
Moodle Moodle 1.6.7
Moodle Moodle 1.6.0
Moodle Moodle 1.5.0
Moodle Moodle 1.4.1
Moodle Moodle 1.3.0
Moodle Moodle 1.3.3
Moodle Moodle 1.3.2
6.8
CVSSv2
CVE-2007-3215
PHPMailer 1.7, when configured to use sendmail, allows remote malicious users to execute arbitrary shell commands via shell metacharacters in the SendmailSend function in class.phpmailer.php.
Phpmailer Phpmailer 1.7.2
Phpmailer Phpmailer 1.7
Phpmailer Phpmailer 1.7.1
Phpmailer Phpmailer 1.7.3
Phpmailer Phpmailer 1.73
6.4
CVSSv2
CVE-2009-0499
Cross-site request forgery (CSRF) vulnerability in the forum code in Moodle 1.7 prior to 1.7.7, 1.8 prior to 1.8.8, and 1.9 prior to 1.9.4 allows remote malicious users to delete unauthorized forum posts via a link or IMG tag to post.php.
Moodle Moodle 1.7.5
Moodle Moodle 1.7.6
Moodle Moodle 1.8.5
Moodle Moodle 1.9.2
Moodle Moodle 1.9.1
Moodle Moodle 1.7.3
Moodle Moodle 1.7.4
Moodle Moodle 1.8.4
Moodle Moodle 1.8.6
Moodle Moodle 1.7.1
Moodle Moodle 1.7.2
Moodle Moodle 1.8.2
Moodle Moodle 1.8.3
Moodle Moodle 1.9.3
Moodle Moodle 1.8.1
Moodle Moodle 1.8.7
5
CVSSv2
CVE-2013-4522
lib/filelib.php in Moodle up to and including 2.2.11, 2.3.x prior to 2.3.10, 2.4.x prior to 2.4.7, and 2.5.x prior to 2.5.3 does not send "Cache-Control: private" HTTP headers, which allows remote malicious users to obtain sensitive information by requesting a file that...
Moodle Moodle 2.4.0
Moodle Moodle 2.4.1
Moodle Moodle 2.4.2
Moodle Moodle 2.4.3
Moodle Moodle 2.2.9
Moodle Moodle 2.2.8
Moodle Moodle 2.2.7
Moodle Moodle 2.2.6
Moodle Moodle 2.5.0
Moodle Moodle 2.5.2
Moodle Moodle 2.4.5
Moodle Moodle 2.3.0
Moodle Moodle 2.3.5
Moodle Moodle 2.3.7
Moodle Moodle 2.2.4
Moodle Moodle 2.2.2
Moodle Moodle 2.1.7
Moodle Moodle 2.1.5
Moodle Moodle 2.1.1
Moodle Moodle 2.0.9
Moodle Moodle 2.0.2
Moodle Moodle 2.0.0
5
CVSSv2
CVE-2013-1830
user/view.php in Moodle up to and including 2.1.10, 2.2.x prior to 2.2.8, 2.3.x prior to 2.3.5, and 2.4.x prior to 2.4.2 does not enforce the forceloginforprofiles setting, which allows remote malicious users to obtain sensitive course-profile information by leveraging the guest ...
Fedoraproject Fedora 18
Fedoraproject Fedora 17
Moodle Moodle 2.2.4
Moodle Moodle 2.2.5
Moodle Moodle 2.2.3
Moodle Moodle 2.2.1
Moodle Moodle 2.2.2
Moodle Moodle 2.2.7
Moodle Moodle 2.2.6
Moodle Moodle 2.2.0
Moodle Moodle 2.4.1
Moodle Moodle 2.4.0
Moodle Moodle 2.3.2
Moodle Moodle 2.3.4
Moodle Moodle 2.3.1
Moodle Moodle 2.3.0
Moodle Moodle 2.3.3
Moodle Moodle 2.1.5
Moodle Moodle 2.1.2
Moodle Moodle 2.1.9
Moodle Moodle 2.0.3
Moodle Moodle 2.0.7
5
CVSSv2
CVE-2013-1831
lib/setuplib.php in Moodle up to and including 2.1.10, 2.2.x prior to 2.2.8, 2.3.x prior to 2.3.5, and 2.4.x prior to 2.4.2 allows remote malicious users to obtain sensitive information via an invalid request, which reveals the absolute path in an exception message.
Moodle Moodle 2.1.10
Moodle Moodle 2.1.5
Moodle Moodle 2.1.0
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.0.5
Moodle Moodle 2.0.0
Moodle Moodle 1.8.8
Moodle Moodle 1.5
Moodle Moodle 1.6.3
Moodle Moodle 1.3.1
Moodle Moodle 1.9.8
Moodle Moodle 1.8.14
Moodle Moodle 1.5.2
Moodle Moodle 1.5.3
Moodle Moodle 1.8.7
Moodle Moodle 1.9.3
Moodle Moodle 1.8.10
Moodle Moodle 1.8.9
Moodle Moodle 1.9.2
4.6
CVSSv2
CVE-2013-3630
Moodle up to and including 2.5.2 allows remote authenticated administrators to execute arbitrary programs by configuring the aspell pathname and then triggering a spell-check operation within the TinyMCE editor.
Moodle Moodle 2.5.0
Moodle Moodle 2.4.1
Moodle Moodle 2.3.8
Moodle Moodle 2.3.1
Moodle Moodle 2.2.9
Moodle Moodle 2.2.2
Moodle Moodle 2.2.10
Moodle Moodle 2.1.7
Moodle Moodle 2.1.5
Moodle Moodle 2.0.9
Moodle Moodle 2.0.7
Moodle Moodle 2.0.0
Moodle Moodle 1.9.8
Moodle Moodle 1.9.3
Moodle Moodle 1.9.18
Moodle Moodle 1.9.11
Moodle Moodle 1.9.1
Moodle Moodle 1.8.4
Moodle Moodle 1.8.2
Moodle Moodle 1.8.10
Moodle Moodle 1.6.7
Moodle Moodle 1.6.0
1 EDB exploit
1 Metasploit module
4.3
CVSSv2
CVE-2010-2228
Cross-site scripting (XSS) vulnerability in the MNET access-control interface in Moodle prior to 1.8.13 and 1.9.x prior to 1.9.9 allows remote malicious users to inject arbitrary web script or HTML via vectors involving extended characters in a username.
Moodle Moodle 1.1.1
Moodle Moodle 1.2.0
Moodle Moodle 1.4.1
Moodle Moodle 1.4.2
Moodle Moodle 1.5.3
Moodle Moodle 1.5.0
Moodle Moodle 1.6.7
Moodle Moodle 1.6.8
Moodle Moodle 1.2.1
Moodle Moodle 1.3.0
Moodle Moodle 1.4.3
Moodle Moodle 1.4.4
Moodle Moodle 1.6.0
Moodle Moodle 1.6.1
Moodle Moodle 1.7.1
Moodle Moodle 1.8.1
Moodle Moodle 1.8.2
Moodle Moodle 1.8.9
Moodle Moodle 1.8.10
Moodle Moodle 1.3.1
Moodle Moodle 1.3.2
Moodle Moodle 1.4.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »