Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.0.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-4287
admin/uploaduser_form.php in Moodle 2.0.x prior to 2.0.3 does not force password changes for autosubscribed users, which makes it easier for remote malicious users to obtain access by leveraging knowledge of the initial password of a new user.
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.0
NA
CVE-2011-4291
Moodle 2.0.x prior to 2.0.3 allows remote authenticated users to cause a denial of service (invalid database records) via a series of crafted ratings operations.
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.0
NA
CVE-2011-4292
Moodle 2.0.x prior to 2.0.3 allows remote authenticated users to cause a denial of service (invalid database records) via a series of crafted comments operations.
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.0
NA
CVE-2011-4289
Moodle 2.0.x prior to 2.0.3 does not recognize the configuration setting that makes e-mail addresses visible only to course members, which allows remote authenticated users to obtain sensitive address information by reading a full profile page.
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.0
NA
CVE-2011-4295
The moodle_enrol_external:role_assign function in enrol/externallib.php in Moodle 2.0.x prior to 2.0.4 and 2.1.x prior to 2.1.1 does not have an authorization check, which allows remote authenticated users to gain privileges by making a role assignment.
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.3
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
NA
CVE-2011-4296
lib/db/access.php in Moodle 2.0.x prior to 2.0.4 and 2.1.x prior to 2.1.1 assigns incorrect capabilities to the course-creator role, which allows remote authenticated users to modify course filters by leveraging this role.
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.3
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
NA
CVE-2011-4297
comment/lib.php in Moodle 2.0.x prior to 2.0.4 and 2.1.x prior to 2.1.1 does not properly restrict comment capabilities, which allows remote malicious users to post a comment by leveraging the guest role and operating on a front-page activity.
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.3
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
NA
CVE-2011-4293
The theme implementation in Moodle 2.0.x prior to 2.0.4 and 2.1.x prior to 2.1.1 triggers duplicate caching of Cascading Style Sheets (CSS) and JavaScript content, which allows remote malicious users to bypass intended access restrictions and write to an operating-system temporar...
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.3
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
NA
CVE-2011-4281
Multiple cross-site request forgery (CSRF) vulnerabilities in Moodle 2.0.x prior to 2.0.2 allow remote malicious users to hijack the authentication of arbitrary users for requests that mark the completion of (1) an activity or (2) a course.
Moodle Moodle 2.0.1
Moodle Moodle 2.0.0
NA
CVE-2011-4282
Multiple cross-site scripting (XSS) vulnerabilities in the course-tags functionality in tag/coursetags_more.php in Moodle 2.0.x prior to 2.0.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) sort or (2) show parameter.
Moodle Moodle 2.0.1
Moodle Moodle 2.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30078
CVE-2024-37896
code injection
CVE-2024-3080
CVE-2024-5172
cross-site request forgery
CVE-2024-6111
firmware
CVE-2024-38504
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »