Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.2.3 vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2021-21809
A command execution vulnerability exists in the default legacy spellchecker plugin in Moodle 3.10. A specially crafted series of HTTP requests can lead to command execution. An attacker must have administrator privileges to exploit this vulnerabilities.
Moodle Moodle 3.10.0
1 Github repository
4
CVSSv2
CVE-2014-3617
The forum_print_latest_discussions function in mod/forum/lib.php in Moodle up to and including 2.4.11, 2.5.x prior to 2.5.8, 2.6.x prior to 2.6.5, and 2.7.x prior to 2.7.2 allows remote authenticated users to bypass the individual answer-posting requirement without the mod/forum:...
Moodle Moodle 2.0.0
Moodle Moodle 2.0.1
Moodle Moodle 2.0.2
Moodle Moodle 2.0.3
Moodle Moodle 2.1.5
Moodle Moodle 2.1.6
Moodle Moodle 2.1.7
Moodle Moodle 2.1.8
Moodle Moodle 2.1.9
Moodle Moodle 2.3.0
Moodle Moodle 2.3.1
Moodle Moodle 2.3.10
Moodle Moodle 2.3.11
Moodle Moodle 2.4.3
Moodle Moodle 2.4.4
Moodle Moodle 2.4.5
Moodle Moodle 2.4.6
Moodle Moodle 2.6.2
Moodle Moodle 2.6.3
Moodle Moodle 2.6.4
Moodle Moodle 2.7.0
Moodle Moodle 2.0.4
4.3
CVSSv2
CVE-2014-0218
Cross-site scripting (XSS) vulnerability in the URL downloader repository in repository/url/lib.php in Moodle up to and including 2.3.11, 2.4.x prior to 2.4.10, 2.5.x prior to 2.5.6, and 2.6.x prior to 2.6.3 allows remote malicious users to inject arbitrary web script or HTML via...
Moodle Moodle 2.1.2
Moodle Moodle 2.1.3
Moodle Moodle 2.1.4
Moodle Moodle 2.1.5
Moodle Moodle 2.2.6
Moodle Moodle 2.2.7
Moodle Moodle 2.2.8
Moodle Moodle 2.2.9
Moodle Moodle 2.4.1
Moodle Moodle 2.4.2
Moodle Moodle 2.4.3
Moodle Moodle 2.4.4
Moodle Moodle 2.6.2
Moodle Moodle 2.0.4
Moodle Moodle 2.0.5
Moodle Moodle 2.0.6
Moodle Moodle 2.0.7
Moodle Moodle 2.2.0
Moodle Moodle 2.2.1
Moodle Moodle 2.2.10
Moodle Moodle 2.2.11
Moodle Moodle 2.3.3
6.8
CVSSv2
CVE-2014-0213
Multiple cross-site request forgery (CSRF) vulnerabilities in mod/assign/locallib.php in the Assignment subsystem in Moodle up to and including 2.3.11, 2.4.x prior to 2.4.10, 2.5.x prior to 2.5.6, and 2.6.x prior to 2.6.3 allow remote malicious users to hijack the authentication ...
Moodle Moodle 2.0.8
Moodle Moodle 2.0.9
Moodle Moodle 2.1.0
Moodle Moodle 2.1.1
Moodle Moodle 2.2.2
Moodle Moodle 2.2.3
Moodle Moodle 2.2.4
Moodle Moodle 2.2.5
Moodle Moodle 2.3.7
Moodle Moodle 2.3.8
Moodle Moodle 2.3.9
Moodle Moodle 2.4.0
Moodle Moodle 2.5.3
Moodle Moodle 2.5.4
Moodle Moodle 2.5.5
Moodle Moodle 2.6.0
Moodle Moodle 2.0.5
Moodle Moodle 2.0.7
Moodle Moodle 2.1.10
Moodle Moodle 2.1.3
Moodle Moodle 2.2.0
Moodle Moodle 2.2.10
4
CVSSv2
CVE-2014-0215
The blind-marking implementation in Moodle up to and including 2.3.11, 2.4.x prior to 2.4.10, 2.5.x prior to 2.5.6, and 2.6.x prior to 2.6.3 allows remote authenticated users to de-anonymize student identities by (1) using a screen reader or (2) reading the HTML source.
Moodle Moodle 2.0.4
Moodle Moodle 2.0.5
Moodle Moodle 2.0.6
Moodle Moodle 2.0.7
Moodle Moodle 2.0.8
Moodle Moodle 2.2.0
Moodle Moodle 2.2.1
Moodle Moodle 2.2.10
Moodle Moodle 2.2.11
Moodle Moodle 2.3.3
Moodle Moodle 2.3.4
Moodle Moodle 2.3.5
Moodle Moodle 2.3.6
Moodle Moodle 2.5.0
Moodle Moodle 2.5.1
Moodle Moodle 2.5.2
Moodle Moodle 2.5.3
Moodle Moodle 2.0.1
Moodle Moodle 2.0.3
Moodle Moodle 2.1.0
Moodle Moodle 2.1.10
Moodle Moodle 2.1.6
5
CVSSv2
CVE-2014-0216
The My Home implementation in the block_html_pluginfile function in blocks/html/lib.php in Moodle up to and including 2.3.11, 2.4.x prior to 2.4.10, 2.5.x prior to 2.5.6, and 2.6.x prior to 2.6.3 does not properly restrict file access, which allows remote malicious users to obtai...
Moodle Moodle 2.0.3
Moodle Moodle 2.0.4
Moodle Moodle 2.0.5
Moodle Moodle 2.0.6
Moodle Moodle 2.1.8
Moodle Moodle 2.1.9
Moodle Moodle 2.2.0
Moodle Moodle 2.2.1
Moodle Moodle
Moodle Moodle 2.3.2
Moodle Moodle 2.3.3
Moodle Moodle 2.3.4
Moodle Moodle 2.4.8
Moodle Moodle 2.4.9
Moodle Moodle 2.5.0
Moodle Moodle 2.5.1
Moodle Moodle 2.0.0
Moodle Moodle 2.0.2
Moodle Moodle 2.0.7
Moodle Moodle 2.0.9
Moodle Moodle 2.1.5
Moodle Moodle 2.1.7
6.8
CVSSv2
CVE-2014-0214
login/token.php in Moodle up to and including 2.3.11, 2.4.x prior to 2.4.10, 2.5.x prior to 2.5.6, and 2.6.x prior to 2.6.3 creates a MoodleMobile web-service token with an infinite lifetime, which makes it easier for remote malicious users to hijack sessions via a brute-force at...
Moodle Moodle 2.0.6
Moodle Moodle 2.0.7
Moodle Moodle 2.0.8
Moodle Moodle 2.0.9
Moodle Moodle 2.2.10
Moodle Moodle 2.2.11
Moodle Moodle 2.2.2
Moodle Moodle 2.2.3
Moodle Moodle 2.3.5
Moodle Moodle 2.3.6
Moodle Moodle 2.3.7
Moodle Moodle 2.3.8
Moodle Moodle 2.5.1
Moodle Moodle 2.5.2
Moodle Moodle 2.5.3
Moodle Moodle 2.5.4
Moodle Moodle 2.5.5
Moodle Moodle 2.0.2
Moodle Moodle 2.0.4
Moodle Moodle 2.1.1
Moodle Moodle 2.1.2
Moodle Moodle 2.1.9
5.8
CVSSv2
CVE-2014-0125
repository/alfresco/lib.php in Moodle up to and including 2.3.11, 2.4.x prior to 2.4.9, 2.5.x prior to 2.5.5, and 2.6.x prior to 2.6.2 places a session key in a URL, which allows remote malicious users to bypass intended Alfresco Repository file restrictions by impersonating a fi...
Moodle Moodle 2.0.3
Moodle Moodle 2.0.5
Moodle Moodle 2.0.7
Moodle Moodle 2.1.10
Moodle Moodle 2.1.3
Moodle Moodle 2.2.0
Moodle Moodle 2.2.10
Moodle Moodle 2.2.5
Moodle Moodle 2.2.7
Moodle Moodle 2.2.9
Moodle Moodle 2.5.2
Moodle Moodle 2.5.4
Moodle Moodle 2.4.6
Moodle Moodle 2.4.8
Moodle Moodle 2.3.2
Moodle Moodle 2.3.4
Moodle Moodle 2.3.6
Moodle Moodle 2.0.8
Moodle Moodle 2.0.9
Moodle Moodle 2.1.0
Moodle Moodle 2.1.1
Moodle Moodle 2.2.11
4.9
CVSSv2
CVE-2014-0122
mod/chat/chat_ajax.php in Moodle up to and including 2.3.11, 2.4.x prior to 2.4.9, 2.5.x prior to 2.5.5, and 2.6.x prior to 2.6.2 does not properly check for the mod/chat:chat capability during chat sessions, which allows remote authenticated users to bypass intended access restr...
Moodle Moodle 2.0.8
Moodle Moodle 2.0.9
Moodle Moodle 2.1.0
Moodle Moodle 2.1.1
Moodle Moodle 2.2.11
Moodle Moodle 2.2.2
Moodle Moodle 2.2.3
Moodle Moodle 2.2.4
Moodle Moodle 2.2.5
Moodle Moodle 2.4.1
Moodle Moodle 2.4.2
Moodle Moodle 2.4.3
Moodle Moodle 2.4.4
Moodle Moodle 2.3.7
Moodle Moodle 2.3.8
Moodle Moodle 2.3.9
Moodle Moodle 2.0.0
Moodle Moodle 2.0.1
Moodle Moodle 2.0.2
Moodle Moodle 2.1.5
Moodle Moodle 2.1.6
Moodle Moodle 2.1.7
4.9
CVSSv2
CVE-2014-0123
The wiki subsystem in Moodle up to and including 2.3.11, 2.4.x prior to 2.4.9, 2.5.x prior to 2.5.5, and 2.6.x prior to 2.6.2 does not properly restrict (1) view and (2) edit access, which allows remote authenticated users to perform wiki operations by leveraging the student role...
Moodle Moodle 2.0.6
Moodle Moodle 2.0.8
Moodle Moodle 2.1.2
Moodle Moodle 2.1.4
Moodle Moodle 2.2.1
Moodle Moodle 2.2.11
Moodle Moodle 2.2.8
Moodle Moodle 2.6.0
Moodle Moodle 2.5.3
Moodle Moodle 2.4.0
Moodle Moodle 2.4.7
Moodle Moodle 2.3.0
Moodle Moodle 2.3.5
Moodle Moodle 2.3.7
Moodle Moodle 2.0.1
Moodle Moodle 2.0.2
Moodle Moodle 2.0.3
Moodle Moodle 2.0.4
Moodle Moodle 2.1.6
Moodle Moodle 2.1.7
Moodle Moodle 2.1.8
Moodle Moodle 2.1.9
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »