Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 3.1.4 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-2644
In Moodle 3.x, XSS can occur via evidence of prior learning.
Moodle Moodle 3.2.0
Moodle Moodle 3.1.0
Moodle Moodle 3.2.1
Moodle Moodle 3.1.1
Moodle Moodle 3.1.2
Moodle Moodle 3.1.3
Moodle Moodle 3.1.4
4.3
CVSSv2
CVE-2017-2645
In Moodle 3.x, XSS can occur via attachments to evidence of prior learning.
Moodle Moodle 3.2.0
Moodle Moodle 3.1.4
Moodle Moodle 3.1.0
Moodle Moodle 3.2.1
Moodle Moodle 3.1.1
Moodle Moodle 3.1.2
Moodle Moodle 3.1.3
4
CVSSv2
CVE-2017-2642
Moodle 3.x has user fullname disclosure on the user preferences page.
Moodle Moodle 3.2.3
Moodle Moodle 3.1.6
Moodle Moodle 3.1.5
Moodle Moodle 3.1.4
Moodle Moodle 3.3.0
Moodle Moodle 3.2.0
Moodle Moodle 3.2.2
Moodle Moodle 3.1.3
Moodle Moodle 3.1.1
Moodle Moodle 3.1.0
Moodle Moodle 3.3.1
Moodle Moodle 3.2.1
Moodle Moodle 3.1.2
4
CVSSv2
CVE-2017-7532
In Moodle 3.x, course creators are able to change system default settings for courses.
Moodle Moodle 3.3.1
Moodle Moodle 3.2.0
Moodle Moodle 3.1.3
Moodle Moodle 3.2.3
Moodle Moodle 3.1.6
Moodle Moodle 3.1.0
Moodle Moodle 3.3.0
Moodle Moodle 3.2.1
Moodle Moodle 3.2.2
Moodle Moodle 3.1.1
Moodle Moodle 3.1.2
Moodle Moodle 3.1.5
Moodle Moodle 3.1.4
4
CVSSv2
CVE-2017-12157
In Moodle 3.x, various course reports allow teachers to view details about users in the groups they can't access.
Moodle Moodle 3.3.0
Moodle Moodle 3.2.0
Moodle Moodle 3.2.1
Moodle Moodle 3.1.0
Moodle Moodle 3.1.2
Moodle Moodle 3.0.0
Moodle Moodle 3.0.3
Moodle Moodle 3.0.5
Moodle Moodle 3.3.1
Moodle Moodle 3.2.3
Moodle Moodle 3.2.4
Moodle Moodle 3.0.1
Moodle Moodle 3.0.2
Moodle Moodle 3.1.3
Moodle Moodle 3.1.4
Moodle Moodle 3.1.5
Moodle Moodle 3.1.6
Moodle Moodle 3.1.7
Moodle Moodle 3.0.7
Moodle Moodle 3.0.8
Moodle Moodle 3.0.9
Moodle Moodle 3.0.10
4.3
CVSSv2
CVE-2017-12156
Moodle 3.x has XSS in the contact form on the "non-respondents" page in non-anonymous feedback.
Moodle Moodle 3.3.2
Moodle Moodle 3.2.0
Moodle Moodle 3.1.1
Moodle Moodle 3.1.2
Moodle Moodle 3.1.3
Moodle Moodle 3.1.4
Moodle Moodle 3.0.3
Moodle Moodle 3.0.4
Moodle Moodle 3.0.5
Moodle Moodle 3.0.6
Moodle Moodle 3.3.0
Moodle Moodle 3.2.5
Moodle Moodle 3.1.0
Moodle Moodle 3.1.5
Moodle Moodle 3.1.7
Moodle Moodle 3.0.0
Moodle Moodle 3.0.2
Moodle Moodle 3.0.7
Moodle Moodle 3.0.9
Moodle Moodle 3.2.1
Moodle Moodle 3.2.2
Moodle Moodle 3.2.3
4.3
CVSSv2
CVE-2017-7491
In Moodle 2.x and 3.x, a CSRF attack is possible that allows malicious users to change the "number of courses displayed in the course overview block" configuration setting.
Moodle Moodle 2.7.1
Moodle Moodle 2.7.2
Moodle Moodle 2.7.3
Moodle Moodle 2.7.4
Moodle Moodle 2.7.17
Moodle Moodle 2.7.18
Moodle Moodle 3.0.0
Moodle Moodle 3.1.0
Moodle Moodle 3.1.1
Moodle Moodle 3.2.2
Moodle Moodle 2.7.0
Moodle Moodle 2.7.5
Moodle Moodle 2.7.7
Moodle Moodle 2.7.14
Moodle Moodle 2.7.16
Moodle Moodle 2.7.9
Moodle Moodle 2.7.10
Moodle Moodle 2.7.11
Moodle Moodle 2.7.12
Moodle Moodle 3.0.2
Moodle Moodle 3.0.3
Moodle Moodle 3.0.4
6.5
CVSSv2
CVE-2017-7489
In Moodle 2.x and 3.x, remote authenticated users can take ownership of arbitrary blogs by editing an external blog link.
Moodle Moodle 3.2.2
Moodle Moodle 2.7.0
Moodle Moodle 2.7.10
Moodle Moodle 2.7.11
Moodle Moodle 2.7.12
Moodle Moodle 2.7.13
Moodle Moodle 2.7.14
Moodle Moodle 3.0.3
Moodle Moodle 3.0.4
Moodle Moodle 3.0.5
Moodle Moodle 3.0.6
Moodle Moodle 3.2.0
Moodle Moodle 2.7.1
Moodle Moodle 2.7.6
Moodle Moodle 2.7.8
Moodle Moodle 2.7.15
Moodle Moodle 2.7.17
Moodle Moodle 3.0.0
Moodle Moodle 3.0.2
Moodle Moodle 3.0.7
Moodle Moodle 3.1.0
Moodle Moodle 3.1.4
5
CVSSv2
CVE-2017-7490
In Moodle 2.x and 3.x, searching of arbitrary blogs is possible because a capability check is missing.
Moodle Moodle 3.2.2
Moodle Moodle 2.7.9
Moodle Moodle 2.7.1
Moodle Moodle 2.7.2
Moodle Moodle 2.7.3
Moodle Moodle 2.7.4
Moodle Moodle 2.7.17
Moodle Moodle 2.7.18
Moodle Moodle 3.0.0
Moodle Moodle 3.1.0
Moodle Moodle 3.1.1
Moodle Moodle 2.7.0
Moodle Moodle 2.7.5
Moodle Moodle 2.7.7
Moodle Moodle 2.7.14
Moodle Moodle 2.7.16
Moodle Moodle 3.0.1
Moodle Moodle 3.0.6
Moodle Moodle 3.0.8
Moodle Moodle 3.1.3
Moodle Moodle 3.2.0
Moodle Moodle 3.2.1
7.5
CVSSv2
CVE-2017-2641
In Moodle 2.x and 3.x, SQL injection can occur via user preferences.
Moodle Moodle 2.7.6
Moodle Moodle 2.7.7
Moodle Moodle 2.7.8
Moodle Moodle 2.7.15
Moodle Moodle 2.7.16
Moodle Moodle 3.0.1
Moodle Moodle 3.0.2
Moodle Moodle 3.0.0
Moodle Moodle 3.2.0
Moodle Moodle 2.7.1
Moodle Moodle 2.7.9
Moodle Moodle 2.7.10
Moodle Moodle 2.7.17
Moodle Moodle 2.7.18
Moodle Moodle 3.0.3
Moodle Moodle 3.0.4
Moodle Moodle 3.1.0
Moodle Moodle 3.1.4
Moodle Moodle 2.7.2
Moodle Moodle 2.7.3
Moodle Moodle 2.7.11
Moodle Moodle 2.7.12
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »