Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.2.5 vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2012-5472
lib/formslib.php in Moodle 2.2.x prior to 2.2.6 and 2.3.x prior to 2.3.3 allows remote authenticated users to bypass intended access restrictions via a modified value of a frozen form field.
Moodle Moodle 2.2.2
Moodle Moodle 2.2.3
Moodle Moodle 2.2.1
Moodle Moodle 2.2.4
Moodle Moodle 2.2.5
Moodle Moodle 2.3.1
Moodle Moodle 2.3.2
5
CVSSv2
CVE-2012-6104
blog/rsslib.php in Moodle 2.2.x prior to 2.2.7, 2.3.x prior to 2.3.4, and 2.4.x prior to 2.4.1 allows remote malicious users to obtain sensitive information from site-level blogs by leveraging the guest role and reading an RSS feed.
Moodle Moodle 2.2.0
Moodle Moodle 2.2.2
Moodle Moodle 2.2.4
Moodle Moodle 2.2.6
Moodle Moodle 2.2.5
Moodle Moodle 2.2.3
Moodle Moodle 2.2.1
Moodle Moodle 2.3.3
Moodle Moodle 2.3.0
Moodle Moodle 2.3.2
Moodle Moodle 2.3.1
Moodle Moodle 2.4.0
5.8
CVSSv2
CVE-2012-6101
Multiple open redirect vulnerabilities in Moodle 2.2.x prior to 2.2.7, 2.3.x prior to 2.3.4, and 2.4.x prior to 2.4.1 allow remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via vectors related to (1) backup/backupfilesedit.php, (2) comm...
Moodle Moodle 2.2.4
Moodle Moodle 2.2.5
Moodle Moodle 2.2.0
Moodle Moodle 2.2.3
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.6
Moodle Moodle 2.3.0
Moodle Moodle 2.3.2
Moodle Moodle 2.3.3
Moodle Moodle 2.3.1
Moodle Moodle 2.4.0
4
CVSSv2
CVE-2012-6100
report/outline/index.php in Moodle 2.2.x prior to 2.2.7, 2.3.x prior to 2.3.4, and 2.4.x prior to 2.4.1 does not properly enforce the moodle/user:viewhiddendetails capability requirement, which allows remote authenticated users to discover a hidden lastaccess value by reading an ...
Moodle Moodle 2.2.0
Moodle Moodle 2.2.6
Moodle Moodle 2.2.3
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.4
Moodle Moodle 2.2.5
Moodle Moodle 2.3.3
Moodle Moodle 2.3.1
Moodle Moodle 2.3.0
Moodle Moodle 2.3.2
Moodle Moodle 2.4.0
6.8
CVSSv2
CVE-2012-6103
Multiple cross-site request forgery (CSRF) vulnerabilities in user/messageselect.php in the messaging system in Moodle 2.2.x prior to 2.2.7, 2.3.x prior to 2.3.4, and 2.4.x prior to 2.4.1 allow remote malicious users to hijack the authentication of arbitrary users for requests th...
Moodle Moodle 2.2.3
Moodle Moodle 2.2.1
Moodle Moodle 2.2.6
Moodle Moodle 2.2.0
Moodle Moodle 2.2.5
Moodle Moodle 2.2.2
Moodle Moodle 2.2.4
Moodle Moodle 2.3.1
Moodle Moodle 2.3.2
Moodle Moodle 2.3.3
Moodle Moodle 2.3.0
Moodle Moodle 2.4.0
6.5
CVSSv2
CVE-2012-5471
The Dropbox Repository File Picker in Moodle 2.1.x prior to 2.1.9, 2.2.x prior to 2.2.6, and 2.3.x prior to 2.3.3 allows remote authenticated users to access the Dropbox of a different user by leveraging an unattended workstation after a logout.
Moodle Moodle 2.1.0
Moodle Moodle 2.1.8
Moodle Moodle 2.1.5
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.1.6
Moodle Moodle 2.1.1
Moodle Moodle 2.1.7
Moodle Moodle 2.1.3
Moodle Moodle 2.2.5
Moodle Moodle 2.2.3
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.4
Moodle Moodle 2.2.0
Moodle Moodle 2.3.0
Moodle Moodle 2.3.1
Moodle Moodle 2.3.2
4
CVSSv2
CVE-2012-5473
The Database activity module in Moodle 2.1.x prior to 2.1.9, 2.2.x prior to 2.2.6, and 2.3.x prior to 2.3.3 allows remote authenticated users to read activity entries of a different group's users via an advanced search.
Moodle Moodle 2.1.6
Moodle Moodle 2.1.1
Moodle Moodle 2.1.7
Moodle Moodle 2.1.3
Moodle Moodle 2.1.5
Moodle Moodle 2.1.0
Moodle Moodle 2.1.8
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.4
Moodle Moodle 2.2.0
Moodle Moodle 2.2.5
Moodle Moodle 2.2.3
Moodle Moodle 2.3.2
Moodle Moodle 2.3.0
Moodle Moodle 2.3.1
6.5
CVSSv2
CVE-2012-5479
The Portfolio plugin in Moodle 2.1.x prior to 2.1.9, 2.2.x prior to 2.2.6, and 2.3.x prior to 2.3.3 allows remote authenticated users to upload and execute files via a modified Portfolio API callback.
Moodle Moodle 2.1.1
Moodle Moodle 2.1.2
Moodle Moodle 2.1.0
Moodle Moodle 2.1.7
Moodle Moodle 2.1.8
Moodle Moodle 2.1.3
Moodle Moodle 2.1.4
Moodle Moodle 2.1.5
Moodle Moodle 2.1.6
Moodle Moodle 2.2.0
Moodle Moodle 2.2.1
Moodle Moodle 2.2.2
Moodle Moodle 2.2.3
Moodle Moodle 2.2.4
Moodle Moodle 2.2.5
Moodle Moodle 2.3.1
Moodle Moodle 2.3.2
Moodle Moodle 2.3.0
6.4
CVSSv2
CVE-2012-5480
The Database activity module in Moodle 2.1.x prior to 2.1.9, 2.2.x prior to 2.2.6, and 2.3.x prior to 2.3.3 allows remote malicious users to bypass intended restrictions on reading other participants' entries via an advanced search.
Moodle Moodle 2.1.5
Moodle Moodle 2.1.6
Moodle Moodle 2.1.3
Moodle Moodle 2.1.4
Moodle Moodle 2.1.0
Moodle Moodle 2.1.7
Moodle Moodle 2.1.8
Moodle Moodle 2.1.1
Moodle Moodle 2.1.2
Moodle Moodle 2.2.4
Moodle Moodle 2.2.5
Moodle Moodle 2.2.1
Moodle Moodle 2.2.2
Moodle Moodle 2.2.3
Moodle Moodle 2.2.0
Moodle Moodle 2.3.0
Moodle Moodle 2.3.1
Moodle Moodle 2.3.2
4
CVSSv2
CVE-2012-6099
The moodle1 backup converter in backup/converter/moodle1/lib.php in Moodle 2.1.x prior to 2.1.10, 2.2.x prior to 2.2.7, 2.3.x prior to 2.3.4, and 2.4.x prior to 2.4.1 does not properly validate pathnames, which allows remote authenticated users to read arbitrary files by leveragi...
Moodle Moodle 2.1.1
Moodle Moodle 2.1.8
Moodle Moodle 2.1.3
Moodle Moodle 2.1.0
Moodle Moodle 2.1.5
Moodle Moodle 2.1.4
Moodle Moodle 2.1.6
Moodle Moodle 2.1.2
Moodle Moodle 2.1.7
Moodle Moodle 2.1.9
Moodle Moodle 2.2.4
Moodle Moodle 2.2.5
Moodle Moodle 2.2.0
Moodle Moodle 2.2.3
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.6
Moodle Moodle 2.3.2
Moodle Moodle 2.3.3
Moodle Moodle 2.3.1
Moodle Moodle 2.3.0
Moodle Moodle 2.4.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »