Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.4.4 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2013-2244
Multiple cross-site scripting (XSS) vulnerabilities in lib/conditionlib.php in Moodle 2.4.x prior to 2.4.5 and 2.5.x prior to 2.5.1 allow remote malicious users to inject arbitrary web script or HTML via the conditional access rule value of a user field.
Moodle Moodle 2.4.2
Moodle Moodle 2.4.1
Moodle Moodle 2.5.0
Moodle Moodle 2.4.0
Moodle Moodle 2.4.3
Moodle Moodle 2.4.4
435
VMScore
CVE-2013-4341
Multiple cross-site scripting (XSS) vulnerabilities in Moodle up to and including 2.2.11, 2.3.x prior to 2.3.9, 2.4.x prior to 2.4.6, and 2.5.x prior to 2.5.2 allow remote malicious users to inject arbitrary web script or HTML via a crafted blog link within an RSS feed.
Moodle Moodle 2.3.8
Moodle Moodle 2.5.1
Moodle Moodle 2.3.4
Moodle Moodle 2.3.1
Moodle Moodle 2.4.3
Moodle Moodle 2.4.1
Moodle Moodle
Moodle Moodle 2.4.2
Moodle Moodle 2.3.6
Moodle Moodle 2.3.5
Moodle Moodle 2.3.0
Moodle Moodle 2.3.2
Moodle Moodle 2.3.3
Moodle Moodle 2.3.7
Moodle Moodle 2.4.0
Moodle Moodle 2.4.4
Moodle Moodle 2.4.5
Moodle Moodle 2.5.0
1 EDB exploit
356
VMScore
CVE-2014-0008
lib/adminlib.php in Moodle up to and including 2.3.11, 2.4.x prior to 2.4.8, 2.5.x prior to 2.5.4, and 2.6.x prior to 2.6.1 logs cleartext passwords, which allows remote authenticated administrators to obtain sensitive information by reading the Config Changes Report.
Moodle Moodle 2.5.3
Moodle Moodle 2.5.0
Moodle Moodle 2.5.1
Moodle Moodle 2.5.2
Moodle Moodle 2.6.0
Moodle Moodle 2.4.5
Moodle Moodle 2.4.6
Moodle Moodle 2.4.0
Moodle Moodle 2.4.1
Moodle Moodle 2.4.2
Moodle Moodle 2.4.7
Moodle Moodle 2.4.3
Moodle Moodle 2.4.4
Moodle Moodle 2.3.2
Moodle Moodle 2.3.3
Moodle Moodle
Moodle Moodle 2.3.0
Moodle Moodle 2.3.6
Moodle Moodle 2.3.7
Moodle Moodle 2.3.4
Moodle Moodle 2.3.5
Moodle Moodle 2.3.1
516
VMScore
CVE-2012-6087
repository/s3/S3.php in the Amazon S3 library in Moodle up to and including 2.2.11, 2.3.x prior to 2.3.9, 2.4.x prior to 2.4.6, and 2.5.x prior to 2.5.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field o...
Moodle Moodle 2.5.0
Moodle Moodle 2.3.0
Moodle Moodle 2.3.1
Moodle Moodle 2.3.8
Moodle Moodle 2.2.0
Moodle Moodle 2.2.5
Moodle Moodle 2.2.6
Moodle Moodle 2.2.7
Moodle Moodle 2.5.1
Moodle Moodle 2.4.0
Moodle Moodle 2.4.1
Moodle Moodle 2.3.2
Moodle Moodle 2.3.3
Moodle Moodle 2.2.1
Moodle Moodle 2.2.10
Moodle Moodle 2.2.8
Moodle Moodle 2.2.9
Moodle Moodle 2.4.2
Moodle Moodle 2.4.3
Moodle Moodle 2.3.4
Moodle Moodle 2.3.5
Moodle Moodle
668
VMScore
CVE-2013-4313
Moodle up to and including 2.2.11, 2.3.x prior to 2.3.9, 2.4.x prior to 2.4.6, and 2.5.x prior to 2.5.2 does not prevent use of '\0' characters in query strings, which might allow remote malicious users to conduct SQL injection attacks against Microsoft SQL Server via a...
Moodle Moodle 2.3.3
Moodle Moodle 2.3.4
Moodle Moodle 2.3.5
Moodle Moodle 2.3.6
Moodle Moodle 2.2.9
Moodle Moodle 2.4.1
Moodle Moodle 2.4.2
Moodle Moodle 2.4.3
Moodle Moodle 2.4.4
Moodle Moodle 2.2.10
Moodle Moodle
Moodle Moodle 2.2.2
Moodle Moodle 2.2.3
Moodle Moodle 2.5.1
Moodle Moodle 2.3.0
Moodle Moodle 2.3.2
Moodle Moodle 2.3.7
Moodle Moodle 2.2.0
Moodle Moodle 2.2.5
Moodle Moodle 2.2.7
Moodle Moodle 2.5.0
Moodle Moodle 2.4.0
534
VMScore
CVE-2014-3552
The Shibboleth authentication plugin in auth/shibboleth/index.php in Moodle up to and including 2.3.11, 2.4.x prior to 2.4.11, and 2.5.x prior to 2.5.7 does not check whether a session ID is empty, which allows remote authenticated users to hijack sessions via crafted plugin inte...
Moodle Moodle 2.4.0
Moodle Moodle 2.4.1
Moodle Moodle 2.4.2
Moodle Moodle 2.4.3
Moodle Moodle 2.4.4
Moodle Moodle 2.4.9
Moodle Moodle 2.4.10
Moodle Moodle 2.4.6
Moodle Moodle 2.4.8
Moodle Moodle 2.4.5
Moodle Moodle 2.4.7
Moodle Moodle 2.3.4
Moodle Moodle 2.3.5
Moodle Moodle 2.3.6
Moodle Moodle 2.3.7
Moodle Moodle 2.3.0
Moodle Moodle 2.3.1
Moodle Moodle 2.3.10
Moodle Moodle 2.3.2
Moodle Moodle 2.3.9
Moodle Moodle
Moodle Moodle 2.3.3
356
VMScore
CVE-2013-2242
mod/chat/gui_sockets/index.php in Moodle up to and including 2.1.10, 2.2.x prior to 2.2.11, 2.3.x prior to 2.3.8, 2.4.x prior to 2.4.5, and 2.5.x prior to 2.5.1 does not consider the mod/chat:chat capability before authorizing daemon-mode chat, which allows remote authenticated u...
Moodle Moodle 2.1.9
Moodle Moodle 2.1.10
Moodle Moodle 2.1.3
Moodle Moodle 2.1.0
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.1.6
Moodle Moodle 2.1.1
Moodle Moodle 2.1.5
Moodle Moodle 2.1.7
Moodle Moodle 2.1.8
Moodle Moodle 2.2.3
Moodle Moodle 2.2.2
Moodle Moodle 2.2.8
Moodle Moodle 2.2.4
Moodle Moodle 2.2.0
Moodle Moodle 2.2.9
Moodle Moodle 2.2.7
Moodle Moodle 2.2.6
Moodle Moodle 2.2.5
Moodle Moodle 2.2.1
Moodle Moodle 2.2.10
356
VMScore
CVE-2013-2243
mod/lesson/pagetypes/matching.php in Moodle up to and including 2.2.11, 2.3.x prior to 2.3.8, 2.4.x prior to 2.4.5, and 2.5.x prior to 2.5.1 allows remote authenticated users to obtain sensitive answer information by reading the HTML source code of a document.
Moodle Moodle 2.1.0
Moodle Moodle 2.1.9
Moodle Moodle 2.1.5
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.1.6
Moodle Moodle 2.1.7
Moodle Moodle 2.1.8
Moodle Moodle 2.1.1
Moodle Moodle 2.1.3
Moodle Moodle 2.2.3
Moodle Moodle 2.2.2
Moodle Moodle 2.2.9
Moodle Moodle 2.2.7
Moodle Moodle 2.2.1
Moodle Moodle 2.2.0
Moodle Moodle 2.2.11
Moodle Moodle 2.2.6
Moodle Moodle 2.2.5
Moodle Moodle 2.2.8
Moodle Moodle 2.2.4
Moodle Moodle 2.2.10
356
VMScore
CVE-2013-2246
mod/feedback/lib.php in Moodle up to and including 2.1.10, 2.2.x prior to 2.2.11, 2.3.x prior to 2.3.8, 2.4.x prior to 2.4.5, and 2.5.x prior to 2.5.1 does not consider the mod/feedback:view capability before displaying recent feedback, which allows remote authenticated users to ...
Moodle Moodle 2.1.1
Moodle Moodle 2.1.7
Moodle Moodle 2.1.3
Moodle Moodle 2.1.8
Moodle Moodle 2.1.4
Moodle Moodle 2.1.6
Moodle Moodle 2.1.0
Moodle Moodle 2.1.10
Moodle Moodle 2.1.5
Moodle Moodle 2.1.2
Moodle Moodle 2.1.9
Moodle Moodle 2.2.5
Moodle Moodle 2.2.0
Moodle Moodle 2.2.7
Moodle Moodle 2.2.2
Moodle Moodle 2.2.8
Moodle Moodle 2.2.1
Moodle Moodle 2.2.4
Moodle Moodle 2.2.3
Moodle Moodle 2.2.10
Moodle Moodle 2.2.9
Moodle Moodle 2.2.6
383
VMScore
CVE-2013-4938
The LTI (aka IMS-LTI) mod_form implementation in Moodle up to and including 2.1.10, 2.2.x prior to 2.2.11, 2.3.x prior to 2.3.8, 2.4.x prior to 2.4.5, and 2.5.x prior to 2.5.1 does not properly support the sendname, sendemailaddr, and acceptgrades settings, which allows remote ma...
Moodle Moodle 2.1.10
Moodle Moodle 2.1.5
Moodle Moodle 2.1.4
Moodle Moodle 2.1.8
Moodle Moodle 2.1.0
Moodle Moodle 2.1.9
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.3
Moodle Moodle 2.1.6
Moodle Moodle 2.1.7
Moodle Moodle 2.2.4
Moodle Moodle 2.2.10
Moodle Moodle 2.2.0
Moodle Moodle 2.2.9
Moodle Moodle 2.2.3
Moodle Moodle 2.2.8
Moodle Moodle 2.2.6
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.7
Moodle Moodle 2.2.5
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »