Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 1.8.6 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-0501
Unspecified vulnerability in the Calendar export feature in Moodle 1.8 prior to 1.8.8 and 1.9 prior to 1.9.4 allows malicious users to obtain sensitive information and conduct "brute force attacks on user accounts" via unknown vectors.
Moodle Moodle 1.8.6
Moodle Moodle 1.8.5
Moodle Moodle 1.9.2
Moodle Moodle 1.9.1
Moodle Moodle 1.8.1
Moodle Moodle 1.8.2
Moodle Moodle 1.8.7
Moodle Moodle 1.9.3
Moodle Moodle 1.8.3
Moodle Moodle 1.8.4
NA
CVE-2009-0499
Cross-site request forgery (CSRF) vulnerability in the forum code in Moodle 1.7 prior to 1.7.7, 1.8 prior to 1.8.8, and 1.9 prior to 1.9.4 allows remote malicious users to delete unauthorized forum posts via a link or IMG tag to post.php.
Moodle Moodle 1.7.5
Moodle Moodle 1.7.6
Moodle Moodle 1.8.5
Moodle Moodle 1.9.2
Moodle Moodle 1.9.1
Moodle Moodle 1.7.3
Moodle Moodle 1.7.4
Moodle Moodle 1.8.4
Moodle Moodle 1.8.6
Moodle Moodle 1.7.1
Moodle Moodle 1.7.2
Moodle Moodle 1.8.2
Moodle Moodle 1.8.3
Moodle Moodle 1.9.3
Moodle Moodle 1.8.1
Moodle Moodle 1.8.7
NA
CVE-2010-1615
Multiple SQL injection vulnerabilities in Moodle 1.8.x prior to 1.8.12 and 1.9.x prior to 1.9.8 allow remote malicious users to execute arbitrary SQL commands via vectors related to (1) the add_to_log function in mod/wiki/view.php in the wiki module, or (2) "data validation ...
Moodle Moodle 1.8.6
Moodle Moodle 1.8.5
Moodle Moodle 1.8.11
Moodle Moodle 1.9.4
Moodle Moodle 1.9.3
Moodle Moodle 1.8.4
Moodle Moodle 1.9.5
Moodle Moodle 1.9.2
Moodle Moodle 1.8.8
Moodle Moodle 1.8.2
Moodle Moodle 1.8.1
Moodle Moodle 1.9.1
Moodle Moodle 1.8.7
Moodle Moodle 1.8.9
Moodle Moodle 1.8.3
Moodle Moodle 1.8.10
Moodle Moodle 1.9.6
Moodle Moodle 1.9.7
NA
CVE-2010-1616
Moodle 1.8.x and 1.9.x prior to 1.9.8 can create new roles when restoring a course, which allows teachers to create new accounts even if they do not have the moodle/user:create capability.
Moodle Moodle 1.8.6
Moodle Moodle 1.8.5
Moodle Moodle 1.9.4
Moodle Moodle 1.9.3
Moodle Moodle 1.8.8
Moodle Moodle 1.8.2
Moodle Moodle 1.8.1
Moodle Moodle 1.8.3
Moodle Moodle 1.9.1
Moodle Moodle 1.8.7
Moodle Moodle 1.8.9
Moodle Moodle 1.8.10
Moodle Moodle 1.8.11
Moodle Moodle 1.9.6
Moodle Moodle 1.9.7
Moodle Moodle 1.8.4
Moodle Moodle 1.9.5
Moodle Moodle 1.9.2
NA
CVE-2010-1613
Moodle 1.8.x and 1.9.x prior to 1.9.8 does not enable the "Regenerate session id during login" setting by default, which makes it easier for remote malicious users to conduct session fixation attacks.
Moodle Moodle 1.8.6
Moodle Moodle 1.8.5
Moodle Moodle 1.8.11
Moodle Moodle 1.9.4
Moodle Moodle 1.8.4
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.9.2
Moodle Moodle 1.8.8
Moodle Moodle 1.8.2
Moodle Moodle 1.8.1
Moodle Moodle 1.9.1
Moodle Moodle 1.8.7
Moodle Moodle 1.8.9
Moodle Moodle 1.8.3
Moodle Moodle 1.8.10
Moodle Moodle 1.9.6
Moodle Moodle 1.9.7
NA
CVE-2010-1614
Multiple cross-site scripting (XSS) vulnerabilities in Moodle 1.8.x prior to 1.8.12 and 1.9.x prior to 1.9.8 allow remote malicious users to inject arbitrary web script or HTML via vectors related to (1) the Login-As feature or (2) when the global search feature is enabled, unspe...
Moodle Moodle 1.8.8
Moodle Moodle 1.8.2
Moodle Moodle 1.8.1
Moodle Moodle 1.8.7
Moodle Moodle 1.8.9
Moodle Moodle 1.8.3
Moodle Moodle 1.8.10
Moodle Moodle 1.9.6
Moodle Moodle 1.9.7
Moodle Moodle 1.8.6
Moodle Moodle 1.8.5
Moodle Moodle 1.8.11
Moodle Moodle 1.9.4
Moodle Moodle 1.8.4
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.9.2
Moodle Moodle 1.9.1
NA
CVE-2010-1617
user/view.php in Moodle 1.8.x prior to 1.8.12 and 1.9.x prior to 1.9.8 does not properly check a role, which allows remote authenticated users to obtain the full names of other users via the course profile page.
Moodle Moodle 1.8.8
Moodle Moodle 1.8.1
Moodle Moodle 1.8.3
Moodle Moodle 1.9.1
Moodle Moodle 1.8.6
Moodle Moodle 1.8.5
Moodle Moodle 1.9.4
Moodle Moodle 1.9.3
Moodle Moodle 1.8.4
Moodle Moodle 1.8.2
Moodle Moodle 1.9.5
Moodle Moodle 1.9.2
Moodle Moodle 1.8.7
Moodle Moodle 1.8.9
Moodle Moodle 1.8.10
Moodle Moodle 1.8.11
Moodle Moodle 1.9.6
Moodle Moodle 1.9.7
NA
CVE-2010-1619
Cross-site scripting (XSS) vulnerability in the fix_non_standard_entities function in the KSES HTML text cleaning library (weblib.php), as used in Moodle 1.8.x prior to 1.8.12 and 1.9.x prior to 1.9.8, allows remote malicious users to inject arbitrary web script or HTML via craft...
Moodle Moodle 1.8.8
Moodle Moodle 1.8.7
Moodle Moodle 1.8.1
Moodle Moodle 1.8.3
Moodle Moodle 1.9.6
Moodle Moodle 1.8.5
Moodle Moodle 1.8.4
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.8.2
Moodle Moodle 1.9.2
Moodle Moodle 1.9.1
Moodle Moodle 1.8.9
Moodle Moodle 1.8.6
Moodle Moodle 1.8.10
Moodle Moodle 1.8.11
Moodle Moodle 1.9.4
Moodle Moodle 1.9.7
NA
CVE-2009-0502
Cross-site scripting (XSS) vulnerability in blocks/html/block_html.php in Snoopy 1.2.3, as used in Moodle 1.6 prior to 1.6.9, 1.7 prior to 1.7.7, 1.8 prior to 1.8.8, and 1.9 prior to 1.9.4, allows remote malicious users to inject arbitrary web script or HTML via an HTML block, wh...
Snoopy Snoopy 1.2.3
Moodle Moodle 1.7.4
Moodle Moodle 1.7.5
Moodle Moodle 1.8.5
Moodle Moodle 1.9.2
Moodle Moodle 1.7.0
Moodle Moodle 1.7.1
Moodle Moodle 1.8.2
Moodle Moodle 1.8.3
Moodle Moodle 1.8.7
Moodle Moodle 1.9.3
Moodle Moodle 1.7.2
Moodle Moodle 1.7.3
Moodle Moodle 1.8.4
Moodle Moodle 1.8.6
Moodle Moodle 1.7.6
Moodle Moodle 1.8.1
Moodle Moodle 1.9.1
NA
CVE-2009-0500
Cross-site scripting (XSS) vulnerability in course/lib.php in Moodle 1.6 prior to 1.6.9, 1.7 prior to 1.7.7, 1.8 prior to 1.8.8, and 1.9 prior to 1.9.4 allows remote malicious users to inject arbitrary web script or HTML via crafted log table information that is not properly hand...
Moodle Moodle 1.7.1
Moodle Moodle 1.7.2
Moodle Moodle 1.8.2
Moodle Moodle 1.8.3
Moodle Moodle 1.8.7
Moodle Moodle 1.9.3
Moodle Moodle 1.6.6
Moodle Moodle 1.6.8
Moodle Moodle 1.7.3
Moodle Moodle 1.7.4
Moodle Moodle 1.8.4
Moodle Moodle 1.8.6
Moodle Moodle 1.6.7
Moodle Moodle 1.6.3
Moodle Moodle 1.6.5
Moodle Moodle 1.7.5
Moodle Moodle 1.7.6
Moodle Moodle 1.8.5
Moodle Moodle 1.9.2
Moodle Moodle 1.6.0
Moodle Moodle 1.6.4
Moodle Moodle 1.8.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »