Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.8.3 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-26812
Cross Site Scripting (XSS) in the Jitsi Meet 2.7 up to and including 2.8.3 plugin for Moodle via the "sessionpriv.php" module. This allows malicious users to craft a malicious URL, which when clicked on by users, can inject javascript code to be run by the application.
4
CVSSv2
CVE-2016-3732
The capability check to access other badges in Moodle 3.0 up to and including 3.0.3, 2.9 up to and including 2.9.5, 2.8 up to and including 2.8.11, 2.7 up to and including 2.7.13, and previous versions allows remote authenticated users to read the badges of other users.
Moodle Moodle 2.7.4
Moodle Moodle 2.7.5
Moodle Moodle 2.7.6
Moodle Moodle 2.7.7
Moodle Moodle 2.8.9
Moodle Moodle 2.8.10
Moodle Moodle 2.8.11
Moodle Moodle 2.8.0
Moodle Moodle 3.0.0
Moodle Moodle 3.0.1
Moodle Moodle 3.0.2
Moodle Moodle 2.7.0
Moodle Moodle 2.7.12
Moodle Moodle 2.7.13
Moodle Moodle 2.8.2
Moodle Moodle 2.8.3
Moodle Moodle 2.8.4
Moodle Moodle 2.9.3
Moodle Moodle 2.9.4
Moodle Moodle 2.9.5
Moodle Moodle 3.0.3
Moodle Moodle 2.7.1
4
CVSSv2
CVE-2016-3733
The "restore teacher" feature in Moodle 3.0 up to and including 3.0.3, 2.9 up to and including 2.9.5, 2.8 up to and including 2.8.11, 2.7 up to and including 2.7.13, and previous versions allows remote authenticated users to overwrite the course idnumber.
Moodle Moodle 2.7.0
Moodle Moodle 2.7.1
Moodle Moodle 2.7.6
Moodle Moodle 2.7.8
Moodle Moodle 2.8.3
Moodle Moodle 2.8.5
Moodle Moodle 2.8.10
Moodle Moodle 2.8.0
Moodle Moodle 2.9.0
Moodle Moodle 2.9.5
Moodle Moodle 3.0.0
Moodle Moodle 3.0.2
Moodle Moodle 2.7.10
Moodle Moodle 2.7.11
Moodle Moodle 2.7.12
Moodle Moodle 2.7.13
Moodle Moodle 2.9.1
Moodle Moodle 2.9.2
Moodle Moodle 2.9.3
Moodle Moodle 2.9.4
Moodle Moodle 2.7.2
Moodle Moodle 2.7.3
4
CVSSv2
CVE-2016-3729
The user editing form in Moodle 3.0 up to and including 3.0.3, 2.9 up to and including 2.9.5, 2.8 up to and including 2.8.11, 2.7 up to and including 2.7.13, and previous versions allows remote authenticated users to edit profile fields locked by the administrator.
Moodle Moodle 2.7.0
Moodle Moodle 2.7.13
Moodle Moodle 2.8.2
Moodle Moodle 2.8.3
Moodle Moodle 2.8.4
Moodle Moodle 2.9.4
Moodle Moodle 2.9.5
Moodle Moodle 3.0.3
Moodle Moodle 3.0.0
Moodle Moodle 2.7.1
Moodle Moodle 2.7.3
Moodle Moodle 2.7.5
Moodle Moodle 2.7.6
Moodle Moodle 2.7.7
Moodle Moodle 2.7.8
Moodle Moodle 2.8.9
Moodle Moodle 2.8.10
Moodle Moodle 2.8.11
Moodle Moodle 2.8.0
Moodle Moodle 2.8.1
Moodle Moodle 3.0.1
Moodle Moodle 3.0.2
5
CVSSv2
CVE-2016-3731
Moodle 3.0 up to and including 3.0.3, 2.9 up to and including 2.9.5, and 2.8 up to and including 2.8.11 allows remote malicious users to obtain the names of hidden forums and forum discussions.
Moodle Moodle 2.9.0
Moodle Moodle 2.9.1
Moodle Moodle 2.9.2
Moodle Moodle 2.8.6
Moodle Moodle 2.8.7
Moodle Moodle 2.8.8
Moodle Moodle 2.8.9
Moodle Moodle 2.8.2
Moodle Moodle 2.8.4
Moodle Moodle 2.8.11
Moodle Moodle 2.8.1
Moodle Moodle 2.9.4
Moodle Moodle 3.0.3
Moodle Moodle 3.0.0
Moodle Moodle 3.0.1
Moodle Moodle 2.9.3
Moodle Moodle 2.8.3
Moodle Moodle 2.8.5
Moodle Moodle 2.8.10
Moodle Moodle 2.8.0
Moodle Moodle 2.9.5
Moodle Moodle 3.0.2
6.8
CVSSv2
CVE-2016-3734
Cross-site request forgery (CSRF) vulnerability in markposts.php in Moodle 3.0 up to and including 3.0.3, 2.9 up to and including 2.9.5, 2.8 up to and including 2.8.11, 2.7 up to and including 2.7.13 and previous versions allows remote malicious users to hijack the authentication...
Moodle Moodle 2.7.7
Moodle Moodle 2.7.8
Moodle Moodle 2.7.9
Moodle Moodle 2.7.10
Moodle Moodle 2.7.11
Moodle Moodle 2.8.0
Moodle Moodle 2.8.1
Moodle Moodle 2.9.0
Moodle Moodle 2.9.1
Moodle Moodle 2.7.0
Moodle Moodle 2.7.1
Moodle Moodle 2.7.2
Moodle Moodle 2.8.4
Moodle Moodle 2.8.5
Moodle Moodle 2.8.6
Moodle Moodle 2.8.7
Moodle Moodle 3.0.0
Moodle Moodle 2.7.4
Moodle Moodle 2.7.6
Moodle Moodle 2.7.13
Moodle Moodle 2.8.3
Moodle Moodle 2.8.8
5
CVSSv2
CVE-2016-8644
In Moodle 2.x and 3.x, the capability to view course notes is checked in the wrong context.
Moodle Moodle 3.1.2
Moodle Moodle 3.1.1
Moodle Moodle 3.1.0
Moodle Moodle 3.0.6
Moodle Moodle 2.9.1
Moodle Moodle 2.9.2
Moodle Moodle 2.9.0
Moodle Moodle 2.8.12
Moodle Moodle 3.0.1
Moodle Moodle 3.0.2
Moodle Moodle 2.9.8
Moodle Moodle 2.9.7
Moodle Moodle 2.8.4
Moodle Moodle 2.8.5
Moodle Moodle 2.8.6
Moodle Moodle 2.8.7
Moodle Moodle 3.0.4
Moodle Moodle 3.0.0
Moodle Moodle 2.9.6
Moodle Moodle 2.9.4
Moodle Moodle 2.8.0
Moodle Moodle 2.8.2
5.8
CVSSv2
CVE-2016-5013
In Moodle 2.x and 3.x, text injection can occur in email headers, potentially leading to outbound spam.
Moodle Moodle 3.0.4
Moodle Moodle 3.0.3
Moodle Moodle 3.0.0
Moodle Moodle 3.0.1
Moodle Moodle 2.8.5
Moodle Moodle 2.8.6
Moodle Moodle 2.8.7
Moodle Moodle 2.8.8
Moodle Moodle 2.9.2
Moodle Moodle 2.9.0
Moodle Moodle 2.8.12
Moodle Moodle 2.8.11
Moodle Moodle 2.9.5
Moodle Moodle 2.9.4
Moodle Moodle 2.9.1
Moodle Moodle 2.8.0
Moodle Moodle 2.8.2
Moodle Moodle 2.8.4
Moodle Moodle 2.8.9
Moodle Moodle
Moodle Moodle 2.9.6
Moodle Moodle 3.1.0
5.8
CVSSv2
CVE-2016-5014
In Moodle 2.x and 3.x, an unenrolled user still receives event monitor notifications even though they can no longer access the course.
Moodle Moodle 3.1.0
Moodle Moodle 3.0.4
Moodle Moodle 2.8.0
Moodle Moodle 2.8.1
Moodle Moodle 2.8.2
Moodle Moodle 2.8.3
Moodle Moodle 2.9.5
Moodle Moodle 2.9.4
Moodle Moodle 2.9.3
Moodle Moodle 2.9.2
Moodle Moodle 2.8.8
Moodle Moodle 2.8.9
Moodle Moodle 2.8.10
Moodle Moodle 3.0.2
Moodle Moodle 3.0.0
Moodle Moodle 2.9.0
Moodle Moodle 2.8.11
Moodle Moodle 2.8.4
Moodle Moodle 2.8.6
Moodle Moodle 3.0.3
Moodle Moodle 3.0.1
Moodle Moodle 2.9.6
5
CVSSv2
CVE-2016-7038
In Moodle 2.x and 3.x, web service tokens are not invalidated when the user password is changed or forced to be changed.
Moodle Moodle 2.9.7
Moodle Moodle 2.9.6
Moodle Moodle 2.9.5
Moodle Moodle 2.9.4
Moodle Moodle 2.9.3
Moodle Moodle 2.8.7
Moodle Moodle 2.8.8
Moodle Moodle 2.8.9
Moodle Moodle 2.8.10
Moodle Moodle 3.1.1
Moodle Moodle 3.1.0
Moodle Moodle 3.0.5
Moodle Moodle 3.0.4
Moodle Moodle 2.8.11
Moodle Moodle 2.8.0
Moodle Moodle 2.8.1
Moodle Moodle 2.8.2
Moodle Moodle 3.0.0
Moodle Moodle 3.0.2
Moodle Moodle 2.9.2
Moodle Moodle 2.8.12
Moodle Moodle 2.8.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
IMAP
CVE-2024-4367
server-side request forgery
information disclosure
CVE-2024-34342
CVE-2024-4281
CVE-2024-3507
CVE-2024-25560
CVE-2024-34574
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »