Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.8.8 vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv2
CVE-2015-5332
Atto in Moodle 2.8.x prior to 2.8.9 and 2.9.x prior to 2.9.3 allows remote malicious users to cause a denial of service (disk consumption) by leveraging the guest role and entering drafts with the editor-autosave feature.
Moodle Moodle 2.8.3
Moodle Moodle 2.8.2
Moodle Moodle 2.8.1
Moodle Moodle 2.8.0
Moodle Moodle 2.9.2
Moodle Moodle 2.9.1
Moodle Moodle 2.9.0
Moodle Moodle 2.8.8
Moodle Moodle 2.8.6
Moodle Moodle 2.8.4
Moodle Moodle 2.8.7
Moodle Moodle 2.8.5
4
CVSSv2
CVE-2016-2155
The grade-reporting feature in Singleview (aka Single View) in Moodle 2.8.x prior to 2.8.11, 2.9.x prior to 2.9.5, and 3.0.x prior to 3.0.3 does not consider the moodle/grade:manage capability, which allows remote authenticated users to modify "Exclude grade" settings b...
Moodle Moodle 3.0.2
Moodle Moodle 3.0.1
Moodle Moodle 2.8.9
Moodle Moodle 2.8.8
Moodle Moodle 2.8.1
Moodle Moodle 2.8.0
Moodle Moodle 2.9.1
Moodle Moodle 2.9.0
Moodle Moodle 2.8.10
Moodle Moodle 2.8.3
Moodle Moodle 2.8.2
Moodle Moodle 2.9.3
Moodle Moodle 2.9.2
Moodle Moodle 2.8.5
Moodle Moodle 2.8.4
Moodle Moodle 3.0.0
Moodle Moodle 2.9.4
Moodle Moodle 2.8.7
Moodle Moodle 2.8.6
4
CVSSv2
CVE-2016-2154
admin/tool/monitor/lib.php in Event Monitor in Moodle 2.8.x prior to 2.8.11, 2.9.x prior to 2.9.5, and 3.0.x prior to 3.0.3 does not consider the moodle/course:viewhiddencourses capability, which allows remote authenticated users to discover hidden course names by subscribing to ...
Moodle Moodle 2.9.3
Moodle Moodle 2.9.2
Moodle Moodle 2.8.6
Moodle Moodle 2.8.5
Moodle Moodle 2.8.4
Moodle Moodle 3.0.0
Moodle Moodle 2.9.4
Moodle Moodle 2.8.8
Moodle Moodle 2.8.7
Moodle Moodle 3.0.2
Moodle Moodle 3.0.1
Moodle Moodle 2.8.10
Moodle Moodle 2.8.9
Moodle Moodle 2.8.1
Moodle Moodle 2.8.0
Moodle Moodle 2.9.1
Moodle Moodle 2.9.0
Moodle Moodle 2.8.3
Moodle Moodle 2.8.2
4.3
CVSSv2
CVE-2016-0725
Cross-site scripting (XSS) vulnerability in the search_pagination function in course/classes/management_renderer.php in Moodle 2.8.x prior to 2.8.10, 2.9.x prior to 2.9.4, and 3.0.x prior to 3.0.2 allows remote malicious users to inject arbitrary web script or HTML via a crafted ...
Fedoraproject Fedora 23
Fedoraproject Fedora 22
Moodle Moodle 3.0.1
Moodle Moodle 3.0.0
Moodle Moodle 2.8.6
Moodle Moodle 2.8.5
Moodle Moodle 2.9.3
Moodle Moodle 2.9.2
Moodle Moodle 2.9.1
Moodle Moodle 2.8.4
Moodle Moodle 2.8.3
Moodle Moodle 2.9.0
Moodle Moodle 2.8.9
Moodle Moodle 2.8.2
Moodle Moodle 2.8.1
Moodle Moodle 2.8.8
Moodle Moodle 2.8.7
Moodle Moodle 2.8.0
5
CVSSv2
CVE-2016-3731
Moodle 3.0 up to and including 3.0.3, 2.9 up to and including 2.9.5, and 2.8 up to and including 2.8.11 allows remote malicious users to obtain the names of hidden forums and forum discussions.
Moodle Moodle 2.9.0
Moodle Moodle 2.9.1
Moodle Moodle 2.9.2
Moodle Moodle 2.8.6
Moodle Moodle 2.8.7
Moodle Moodle 2.8.8
Moodle Moodle 2.8.9
Moodle Moodle 2.8.2
Moodle Moodle 2.8.4
Moodle Moodle 2.8.11
Moodle Moodle 2.8.1
Moodle Moodle 2.9.4
Moodle Moodle 3.0.3
Moodle Moodle 3.0.0
Moodle Moodle 3.0.1
Moodle Moodle 2.9.3
Moodle Moodle 2.8.3
Moodle Moodle 2.8.5
Moodle Moodle 2.8.10
Moodle Moodle 2.8.0
Moodle Moodle 2.9.5
Moodle Moodle 3.0.2
4.3
CVSSv2
CVE-2015-5335
Cross-site request forgery (CSRF) vulnerability in admin/registration/register.php in Moodle up to and including 2.6.11, 2.7.x prior to 2.7.11, 2.8.x prior to 2.8.9, and 2.9.x prior to 2.9.3 allows remote malicious users to hijack the authentication of administrators for requests...
Moodle Moodle 2.8.4
Moodle Moodle 2.8.3
Moodle Moodle 2.8.2
Moodle Moodle 2.8.1
Moodle Moodle 2.9.2
Moodle Moodle 2.9.1
Moodle Moodle 2.9.0
Moodle Moodle 2.7.5
Moodle Moodle 2.7.4
Moodle Moodle 2.7.3
Moodle Moodle 2.7.2
Moodle Moodle 2.8.8
Moodle Moodle 2.8.6
Moodle Moodle 2.7.9
Moodle Moodle 2.7.7
Moodle Moodle 2.7.1
Moodle Moodle
Moodle Moodle 2.8.7
Moodle Moodle 2.8.5
Moodle Moodle 2.8.0
Moodle Moodle 2.7.8
Moodle Moodle 2.7.6
4.3
CVSSv2
CVE-2015-5337
Moodle up to and including 2.6.11, 2.7.x prior to 2.7.11, 2.8.x prior to 2.8.9, and 2.9.x prior to 2.9.3 does not properly restrict the availability of Flowplayer, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via a crafted .swf file.
Moodle Moodle 2.8.8
Moodle Moodle 2.8.7
Moodle Moodle 2.8.6
Moodle Moodle 2.8.5
Moodle Moodle 2.8.4
Moodle Moodle 2.7.10
Moodle Moodle 2.7.1
Moodle Moodle 2.7.0
Moodle Moodle
Moodle Moodle 2.7.9
Moodle Moodle 2.7.8
Moodle Moodle 2.7.7
Moodle Moodle 2.7.6
Moodle Moodle 2.9.1
Moodle Moodle 2.8.3
Moodle Moodle 2.8.1
Moodle Moodle 2.7.4
Moodle Moodle 2.7.2
Moodle Moodle 2.9.2
Moodle Moodle 2.9.0
Moodle Moodle 2.8.2
Moodle Moodle 2.8.0
4
CVSSv2
CVE-2015-5341
mod_scorm in Moodle up to and including 2.6.11, 2.7.x prior to 2.7.11, 2.8.x prior to 2.8.9, and 2.9.x prior to 2.9.3 mishandles availability dates, which allows remote authenticated users to bypass intended access restrictions and read SCORM contents via unspecified vectors.
Moodle Moodle 2.9.1
Moodle Moodle 2.9.0
Moodle Moodle 2.8.8
Moodle Moodle 2.8.7
Moodle Moodle 2.7.3
Moodle Moodle 2.7.2
Moodle Moodle 2.7.10
Moodle Moodle 2.7.1
Moodle Moodle 2.8.2
Moodle Moodle 2.8.1
Moodle Moodle 2.8.0
Moodle Moodle 2.7.9
Moodle Moodle 2.9.2
Moodle Moodle 2.8.6
Moodle Moodle 2.8.4
Moodle Moodle 2.7.7
Moodle Moodle 2.7.5
Moodle Moodle
Moodle Moodle 2.8.5
Moodle Moodle 2.8.3
Moodle Moodle 2.7.8
Moodle Moodle 2.7.6
3.5
CVSSv2
CVE-2015-5336
Multiple cross-site scripting (XSS) vulnerabilities in the survey module in Moodle up to and including 2.6.11, 2.7.x prior to 2.7.11, 2.8.x prior to 2.8.9, and 2.9.x prior to 2.9.3 allow remote authenticated users to inject arbitrary web script or HTML by leveraging the student r...
Moodle Moodle 2.8.0
Moodle Moodle 2.7.9
Moodle Moodle 2.7.8
Moodle Moodle 2.7.7
Moodle Moodle 2.9.1
Moodle Moodle 2.9.0
Moodle Moodle 2.8.7
Moodle Moodle 2.8.6
Moodle Moodle 2.8.5
Moodle Moodle 2.7.2
Moodle Moodle 2.7.1
Moodle Moodle 2.7.0
Moodle Moodle
Moodle Moodle 2.8.8
Moodle Moodle 2.8.4
Moodle Moodle 2.8.2
Moodle Moodle 2.7.5
Moodle Moodle 2.7.3
Moodle Moodle 2.7.10
Moodle Moodle 2.9.2
Moodle Moodle 2.8.3
Moodle Moodle 2.8.1
4
CVSSv2
CVE-2015-5340
Moodle up to and including 2.6.11, 2.7.x prior to 2.7.11, 2.8.x prior to 2.8.9, and 2.9.x prior to 2.9.3 does not consider the moodle/badges:viewbadges capability, which allows remote authenticated users to obtain sensitive badge information via a request involving (1) badges/ove...
Moodle Moodle 2.8.2
Moodle Moodle 2.8.1
Moodle Moodle 2.8.0
Moodle Moodle 2.7.9
Moodle Moodle 2.9.1
Moodle Moodle 2.9.0
Moodle Moodle 2.8.8
Moodle Moodle 2.8.7
Moodle Moodle 2.7.4
Moodle Moodle 2.7.3
Moodle Moodle 2.7.2
Moodle Moodle 2.7.10
Moodle Moodle 2.7.1
Moodle Moodle 2.9.2
Moodle Moodle 2.8.6
Moodle Moodle 2.8.4
Moodle Moodle 2.7.7
Moodle Moodle 2.7.5
Moodle Moodle
Moodle Moodle 2.8.5
Moodle Moodle 2.8.3
Moodle Moodle 2.7.8
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »