Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 1.9.15 vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2012-0792
mod/forum/user.php in Moodle 1.9.x prior to 1.9.16 allows remote authenticated users to obtain the names and other details of arbitrary user accounts by searching for posts.
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 1.9.11
Moodle Moodle 1.9.2
Moodle Moodle 1.9.12
Moodle Moodle 1.9.10
Moodle Moodle 1.9.3
Moodle Moodle 1.9.13
Moodle Moodle 1.9.5
Moodle Moodle 1.9.14
Moodle Moodle 1.9.15
Moodle Moodle 1.9.8
Moodle Moodle 1.9.7
2.6
CVSSv2
CVE-2012-2362
Cross-site scripting (XSS) vulnerability in blog/lib.php in the blog implementation in Moodle 1.9.x prior to 1.9.18, when Internet Explorer is used, allows remote malicious users to inject arbitrary web script or HTML via a crafted parameter to blog/index.php.
Moodle Moodle 1.9.4
Moodle Moodle 1.9.17
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 1.9.11
Moodle Moodle 1.9.2
Moodle Moodle 1.9.12
Moodle Moodle 1.9.10
Moodle Moodle 1.9.16
Moodle Moodle 1.9.3
Moodle Moodle 1.9.13
Moodle Moodle 1.9.5
Moodle Moodle 1.9.14
Moodle Moodle 1.9.15
Moodle Moodle 1.9.8
Moodle Moodle 1.9.7
6.5
CVSSv2
CVE-2012-2363
SQL injection vulnerability in calendar/event.php in the calendar implementation in Moodle 1.9.x prior to 1.9.18 allows remote authenticated users to execute arbitrary SQL commands via a crafted calendar event.
Moodle Moodle 1.9.6
Moodle Moodle 1.9.5
Moodle Moodle 1.9.12
Moodle Moodle 1.9.13
Moodle Moodle 1.9.14
Moodle Moodle 1.9.7
Moodle Moodle 1.9.4
Moodle Moodle 1.9.10
Moodle Moodle 1.9.17
Moodle Moodle 1.9.11
Moodle Moodle 1.9.2
Moodle Moodle 1.9.1
Moodle Moodle 1.9.3
Moodle Moodle 1.9.16
Moodle Moodle 1.9.15
Moodle Moodle 1.9.8
Moodle Moodle 1.9.9
5
CVSSv2
CVE-2012-0793
Moodle 1.9.x prior to 1.9.16, 2.0.x prior to 2.0.7, 2.1.x prior to 2.1.4, and 2.2.x prior to 2.2.1 allows remote malicious users to view the profile images of arbitrary user accounts via unspecified vectors.
Moodle Moodle 2.0.2
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 2.0.1
Moodle Moodle 1.9.11
Moodle Moodle 2.1.2
Moodle Moodle 2.0.4
Moodle Moodle 1.9.2
Moodle Moodle 1.9.12
Moodle Moodle 1.9.10
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 1.9.3
Moodle Moodle 2.0.6
Moodle Moodle 2.0.5
Moodle Moodle 2.1.3
Moodle Moodle 1.9.13
Moodle Moodle 1.9.5
Moodle Moodle 1.9.14
Moodle Moodle 1.9.15
5
CVSSv2
CVE-2012-0794
The rc4encrypt function in lib/moodlelib.php in Moodle 1.9.x prior to 1.9.16, 2.0.x prior to 2.0.7, 2.1.x prior to 2.1.4, and 2.2.x prior to 2.2.1 uses a hardcoded password of nfgjeingjk, which makes it easier for remote malicious users to defeat cryptographic protection mechanis...
Moodle Moodle 2.0.2
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 2.0.1
Moodle Moodle 1.9.11
Moodle Moodle 2.1.2
Moodle Moodle 2.0.4
Moodle Moodle 1.9.2
Moodle Moodle 1.9.12
Moodle Moodle 1.9.10
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 1.9.3
Moodle Moodle 2.0.6
Moodle Moodle 2.0.5
Moodle Moodle 2.1.3
Moodle Moodle 1.9.13
Moodle Moodle 1.9.5
Moodle Moodle 1.9.14
Moodle Moodle 1.9.15
6.5
CVSSv2
CVE-2012-0795
Moodle 1.9.x prior to 1.9.16, 2.0.x prior to 2.0.7, 2.1.x prior to 2.1.4, and 2.2.x prior to 2.2.1 does not validate e-mail address settings, which allows remote authenticated users to have an unspecified impact via a crafted address.
Moodle Moodle 1.9.4
Moodle Moodle 1.9.2
Moodle Moodle 1.9.1
Moodle Moodle 1.9.5
Moodle Moodle 1.9.12
Moodle Moodle 2.0.5
Moodle Moodle 2.0.0
Moodle Moodle 1.9.7
Moodle Moodle 1.9.8
Moodle Moodle 1.9.10
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 2.1.3
Moodle Moodle 1.9.3
Moodle Moodle 1.9.13
Moodle Moodle 1.9.14
Moodle Moodle 2.0.1
Moodle Moodle 2.1.2
Moodle Moodle 1.9.15
Moodle Moodle 1.9.11
Moodle Moodle 1.9.9
4
CVSSv2
CVE-2012-0796
class.phpmailer.php in the PHPMailer library, as used in Moodle 1.9.x prior to 1.9.16, 2.0.x prior to 2.0.7, 2.1.x prior to 2.1.4, and 2.2.x prior to 2.2.1 and other products, allows remote authenticated users to inject arbitrary e-mail headers via vectors involving a crafted (1)...
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 1.9.11
Moodle Moodle 1.9.2
Moodle Moodle 1.9.12
Moodle Moodle 1.9.10
Moodle Moodle 1.9.3
Moodle Moodle 1.9.13
Moodle Moodle 1.9.5
Moodle Moodle 1.9.14
Moodle Moodle 1.9.15
Moodle Moodle 1.9.8
Moodle Moodle 1.9.7
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.0.6
Moodle Moodle 2.0.5
Moodle Moodle 2.0.0
4
CVSSv2
CVE-2012-2367
Moodle 1.9.x prior to 1.9.18, 2.0.x prior to 2.0.9, 2.1.x prior to 2.1.6, and 2.2.x prior to 2.2.3 allows remote authenticated users to bypass the moodle/calendar:manageownentries capability requirement and add a calendar entry via a New Entry action.
Moodle Moodle 1.9.2
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.5
Moodle Moodle 1.9.7
Moodle Moodle 1.9.15
Moodle Moodle 1.9.8
Moodle Moodle 1.9.10
Moodle Moodle 1.9.14
Moodle Moodle 1.9.11
Moodle Moodle 1.9.4
Moodle Moodle 1.9.9
Moodle Moodle 1.9.17
Moodle Moodle 1.9.16
Moodle Moodle 1.9.3
Moodle Moodle 1.9.12
Moodle Moodle 1.9.13
Moodle Moodle 2.0.6
Moodle Moodle 2.0.5
Moodle Moodle 2.0.4
Moodle Moodle 2.0.1
Moodle Moodle 2.0.7
4
CVSSv2
CVE-2012-3398
Algorithmic complexity vulnerability in Moodle 1.9.x prior to 1.9.19, 2.0.x prior to 2.0.10, 2.1.x prior to 2.1.7, and 2.2.x prior to 2.2.4 allows remote authenticated users to cause a denial of service (CPU consumption) by using the advanced-search feature on a database activity...
Moodle Moodle 1.9.2
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.5
Moodle Moodle 2.0.6
Moodle Moodle 2.0.5
Moodle Moodle 2.1.1
Moodle Moodle 2.1.3
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 1.9.7
Moodle Moodle 1.9.15
Moodle Moodle 1.9.8
Moodle Moodle 1.9.10
Moodle Moodle 1.9.14
Moodle Moodle 1.9.18
Moodle Moodle 2.0.8
Moodle Moodle 2.0.1
Moodle Moodle 2.1.4
Moodle Moodle 2.1.6
Moodle Moodle 1.9.11
Moodle Moodle 1.9.4
4
CVSSv2
CVE-2012-6098
grade/edit/outcome/edit_form.php in Moodle 1.9.x up to and including 1.9.19, 2.1.x prior to 2.1.10, 2.2.x prior to 2.2.7, 2.3.x prior to 2.3.4, and 2.4.x prior to 2.4.1 does not properly enforce the moodle/grade:manage capability requirement, which allows remote authenticated use...
Moodle Moodle 1.9.16
Moodle Moodle 1.9.8
Moodle Moodle 1.9.6
Moodle Moodle 1.9.12
Moodle Moodle 1.9.10
Moodle Moodle 1.9.9
Moodle Moodle 1.9.17
Moodle Moodle 1.9.18
Moodle Moodle 1.9.7
Moodle Moodle 1.9.15
Moodle Moodle 1.9.4
Moodle Moodle 1.9.11
Moodle Moodle 1.9.2
Moodle Moodle 1.9.14
Moodle Moodle 1.9.1
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.9.13
Moodle Moodle 2.1.0
Moodle Moodle 2.1.4
Moodle Moodle 2.1.7
Moodle Moodle 2.1.8
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »