Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.8.3 vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2021-26812
Cross Site Scripting (XSS) in the Jitsi Meet 2.7 up to and including 2.8.3 plugin for Moodle via the "sessionpriv.php" module. This allows malicious users to craft a malicious URL, which when clicked on by users, can inject javascript code to be run by the application.
6.5
CVSSv3
CVE-2016-3729
The user editing form in Moodle 3.0 up to and including 3.0.3, 2.9 up to and including 2.9.5, 2.8 up to and including 2.8.11, 2.7 up to and including 2.7.13, and previous versions allows remote authenticated users to edit profile fields locked by the administrator.
Moodle Moodle 2.7.0
Moodle Moodle 2.7.13
Moodle Moodle 2.8.2
Moodle Moodle 2.8.3
Moodle Moodle 2.8.4
Moodle Moodle 2.9.4
Moodle Moodle 2.9.5
Moodle Moodle 3.0.3
Moodle Moodle 3.0.0
Moodle Moodle 2.7.1
Moodle Moodle 2.7.3
Moodle Moodle 2.7.5
Moodle Moodle 2.7.6
Moodle Moodle 2.7.7
Moodle Moodle 2.7.8
Moodle Moodle 2.8.9
Moodle Moodle 2.8.10
Moodle Moodle 2.8.11
Moodle Moodle 2.8.0
Moodle Moodle 2.8.1
Moodle Moodle 3.0.1
Moodle Moodle 3.0.2
5.3
CVSSv3
CVE-2016-3731
Moodle 3.0 up to and including 3.0.3, 2.9 up to and including 2.9.5, and 2.8 up to and including 2.8.11 allows remote malicious users to obtain the names of hidden forums and forum discussions.
Moodle Moodle 2.9.0
Moodle Moodle 2.9.1
Moodle Moodle 2.9.2
Moodle Moodle 2.8.6
Moodle Moodle 2.8.7
Moodle Moodle 2.8.8
Moodle Moodle 2.8.9
Moodle Moodle 2.8.2
Moodle Moodle 2.8.4
Moodle Moodle 2.8.11
Moodle Moodle 2.8.1
Moodle Moodle 2.9.4
Moodle Moodle 3.0.3
Moodle Moodle 3.0.0
Moodle Moodle 3.0.1
Moodle Moodle 2.9.3
Moodle Moodle 2.8.3
Moodle Moodle 2.8.5
Moodle Moodle 2.8.10
Moodle Moodle 2.8.0
Moodle Moodle 2.9.5
Moodle Moodle 3.0.2
8.8
CVSSv3
CVE-2016-3734
Cross-site request forgery (CSRF) vulnerability in markposts.php in Moodle 3.0 up to and including 3.0.3, 2.9 up to and including 2.9.5, 2.8 up to and including 2.8.11, 2.7 up to and including 2.7.13 and previous versions allows remote malicious users to hijack the authentication...
Moodle Moodle 2.7.7
Moodle Moodle 2.7.8
Moodle Moodle 2.7.9
Moodle Moodle 2.7.10
Moodle Moodle 2.7.11
Moodle Moodle 2.8.0
Moodle Moodle 2.8.1
Moodle Moodle 2.9.0
Moodle Moodle 2.9.1
Moodle Moodle 2.7.0
Moodle Moodle 2.7.1
Moodle Moodle 2.7.2
Moodle Moodle 2.8.4
Moodle Moodle 2.8.5
Moodle Moodle 2.8.6
Moodle Moodle 2.8.7
Moodle Moodle 3.0.0
Moodle Moodle 2.7.4
Moodle Moodle 2.7.6
Moodle Moodle 2.7.13
Moodle Moodle 2.8.3
Moodle Moodle 2.8.8
4.3
CVSSv3
CVE-2016-3732
The capability check to access other badges in Moodle 3.0 up to and including 3.0.3, 2.9 up to and including 2.9.5, 2.8 up to and including 2.8.11, 2.7 up to and including 2.7.13, and previous versions allows remote authenticated users to read the badges of other users.
Moodle Moodle 2.7.4
Moodle Moodle 2.7.5
Moodle Moodle 2.7.6
Moodle Moodle 2.7.7
Moodle Moodle 2.8.9
Moodle Moodle 2.8.10
Moodle Moodle 2.8.11
Moodle Moodle 2.8.0
Moodle Moodle 3.0.0
Moodle Moodle 3.0.1
Moodle Moodle 3.0.2
Moodle Moodle 2.7.0
Moodle Moodle 2.7.12
Moodle Moodle 2.7.13
Moodle Moodle 2.8.2
Moodle Moodle 2.8.3
Moodle Moodle 2.8.4
Moodle Moodle 2.9.3
Moodle Moodle 2.9.4
Moodle Moodle 2.9.5
Moodle Moodle 3.0.3
Moodle Moodle 2.7.1
4.3
CVSSv3
CVE-2016-3733
The "restore teacher" feature in Moodle 3.0 up to and including 3.0.3, 2.9 up to and including 2.9.5, 2.8 up to and including 2.8.11, 2.7 up to and including 2.7.13, and previous versions allows remote authenticated users to overwrite the course idnumber.
Moodle Moodle 2.7.0
Moodle Moodle 2.7.1
Moodle Moodle 2.7.6
Moodle Moodle 2.7.8
Moodle Moodle 2.8.3
Moodle Moodle 2.8.5
Moodle Moodle 2.8.10
Moodle Moodle 2.8.0
Moodle Moodle 2.9.0
Moodle Moodle 2.9.5
Moodle Moodle 3.0.0
Moodle Moodle 3.0.2
Moodle Moodle 2.7.10
Moodle Moodle 2.7.11
Moodle Moodle 2.7.12
Moodle Moodle 2.7.13
Moodle Moodle 2.9.1
Moodle Moodle 2.9.2
Moodle Moodle 2.9.3
Moodle Moodle 2.9.4
Moodle Moodle 2.7.2
Moodle Moodle 2.7.3
4.3
CVSSv3
CVE-2016-8643
In Moodle 2.x and 3.x, non-admin site managers may accidentally edit admins via web services.
Moodle Moodle 2.9.5
Moodle Moodle 2.9.4
Moodle Moodle 2.9.3
Moodle Moodle 2.9.1
Moodle Moodle 2.8.8
Moodle Moodle 2.8.9
Moodle Moodle 2.8.10
Moodle Moodle
Moodle Moodle 3.0.5
Moodle Moodle 3.0.4
Moodle Moodle 3.0.3
Moodle Moodle 3.0.0
Moodle Moodle 2.8.0
Moodle Moodle 2.8.1
Moodle Moodle 2.8.2
Moodle Moodle 2.8.3
Moodle Moodle 3.1.2
Moodle Moodle 3.1.0
Moodle Moodle 3.0.2
Moodle Moodle 2.9.7
Moodle Moodle 2.9.0
Moodle Moodle 2.8.11
5.3
CVSSv3
CVE-2016-8644
In Moodle 2.x and 3.x, the capability to view course notes is checked in the wrong context.
Moodle Moodle 3.1.2
Moodle Moodle 3.1.1
Moodle Moodle 3.1.0
Moodle Moodle 3.0.6
Moodle Moodle 2.9.1
Moodle Moodle 2.9.2
Moodle Moodle 2.9.0
Moodle Moodle 2.8.12
Moodle Moodle 3.0.1
Moodle Moodle 3.0.2
Moodle Moodle 2.9.8
Moodle Moodle 2.9.7
Moodle Moodle 2.8.4
Moodle Moodle 2.8.5
Moodle Moodle 2.8.6
Moodle Moodle 2.8.7
Moodle Moodle 3.0.4
Moodle Moodle 3.0.0
Moodle Moodle 2.9.6
Moodle Moodle 2.9.4
Moodle Moodle 2.8.0
Moodle Moodle 2.8.2
5.3
CVSSv3
CVE-2016-8642
In Moodle 2.x and 3.x, the question engine allows access to files that should not be available.
Moodle Moodle 3.0.2
Moodle Moodle 2.9.8
Moodle Moodle 2.9.7
Moodle Moodle 2.9.6
Moodle Moodle 2.8.5
Moodle Moodle 2.8.6
Moodle Moodle 2.8.7
Moodle Moodle 2.8.8
Moodle Moodle 3.1.1
Moodle Moodle 3.1.0
Moodle Moodle 3.0.6
Moodle Moodle 3.0.5
Moodle Moodle 2.9.2
Moodle Moodle 2.9.0
Moodle Moodle 2.8.12
Moodle Moodle 2.8.11
Moodle Moodle 2.8.0
Moodle Moodle 3.1.2
Moodle Moodle 3.0.4
Moodle Moodle 3.0.0
Moodle Moodle 2.9.4
Moodle Moodle 2.9.1
7.3
CVSSv3
CVE-2016-7038
In Moodle 2.x and 3.x, web service tokens are not invalidated when the user password is changed or forced to be changed.
Moodle Moodle 2.9.7
Moodle Moodle 2.9.6
Moodle Moodle 2.9.5
Moodle Moodle 2.9.4
Moodle Moodle 2.9.3
Moodle Moodle 2.8.7
Moodle Moodle 2.8.8
Moodle Moodle 2.8.9
Moodle Moodle 2.8.10
Moodle Moodle 3.1.1
Moodle Moodle 3.1.0
Moodle Moodle 3.0.5
Moodle Moodle 3.0.4
Moodle Moodle 2.8.11
Moodle Moodle 2.8.0
Moodle Moodle 2.8.1
Moodle Moodle 2.8.2
Moodle Moodle 3.0.0
Moodle Moodle 3.0.2
Moodle Moodle 2.9.2
Moodle Moodle 2.8.12
Moodle Moodle 2.8.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »