Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.0.3 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-4293
The theme implementation in Moodle 2.0.x prior to 2.0.4 and 2.1.x prior to 2.1.1 triggers duplicate caching of Cascading Style Sheets (CSS) and JavaScript content, which allows remote malicious users to bypass intended access restrictions and write to an operating-system temporar...
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.3
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
NA
CVE-2011-4295
The moodle_enrol_external:role_assign function in enrol/externallib.php in Moodle 2.0.x prior to 2.0.4 and 2.1.x prior to 2.1.1 does not have an authorization check, which allows remote authenticated users to gain privileges by making a role assignment.
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.3
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
NA
CVE-2011-4296
lib/db/access.php in Moodle 2.0.x prior to 2.0.4 and 2.1.x prior to 2.1.1 assigns incorrect capabilities to the course-creator role, which allows remote authenticated users to modify course filters by leveraging this role.
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.3
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
NA
CVE-2011-4297
comment/lib.php in Moodle 2.0.x prior to 2.0.4 and 2.1.x prior to 2.1.1 does not properly restrict comment capabilities, which allows remote malicious users to post a comment by leveraging the guest role and operating on a front-page activity.
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.3
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
NA
CVE-2011-4298
Multiple cross-site request forgery (CSRF) vulnerabilities in mod/wiki/ components in Moodle 2.0.x prior to 2.0.5 and 2.1.x prior to 2.1.2 allow remote malicious users to hijack the authentication of arbitrary users for requests that modify wiki data.
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
NA
CVE-2011-4299
Cross-site scripting (XSS) vulnerability in mod/wiki/pagelib.php in Moodle 2.0.x prior to 2.0.5 and 2.1.x prior to 2.1.2 allows remote authenticated users to inject arbitrary web script or HTML via a wiki comment.
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
NA
CVE-2011-4300
The file_browser component in Moodle 2.0.x prior to 2.0.5 and 2.1.x prior to 2.1.2 does not properly restrict access to category and course data, which allows remote malicious users to obtain potentially sensitive information via a request for a file.
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
NA
CVE-2011-4303
lib/db/upgrade.php in Moodle 2.0.x prior to 2.0.5 and 2.1.x prior to 2.1.2 does not set the correct registration_hubs.secret value during installation, which allows remote malicious users to bypass intended access restrictions by leveraging the hubs feature.
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
NA
CVE-2011-4304
The chat functionality in Moodle 2.0.x prior to 2.0.5 and 2.1.x prior to 2.1.2 allows remote authenticated users to discover the name of any user via a beep operation.
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
NA
CVE-2011-4307
Cross-site scripting (XSS) vulnerability in mod/wiki/lang/en/wiki.php in Moodle 2.0.x prior to 2.0.5 and 2.1.x prior to 2.1.2 allows remote malicious users to inject arbitrary web script or HTML via the section parameter.
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »