Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.0.4 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2011-4298
Multiple cross-site request forgery (CSRF) vulnerabilities in mod/wiki/ components in Moodle 2.0.x prior to 2.0.5 and 2.1.x prior to 2.1.2 allow remote malicious users to hijack the authentication of arbitrary users for requests that modify wiki data.
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
4.3
CVSSv2
CVE-2011-4299
Cross-site scripting (XSS) vulnerability in mod/wiki/pagelib.php in Moodle 2.0.x prior to 2.0.5 and 2.1.x prior to 2.1.2 allows remote authenticated users to inject arbitrary web script or HTML via a wiki comment.
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
5
CVSSv2
CVE-2011-4300
The file_browser component in Moodle 2.0.x prior to 2.0.5 and 2.1.x prior to 2.1.2 does not properly restrict access to category and course data, which allows remote malicious users to obtain potentially sensitive information via a request for a file.
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
4.3
CVSSv2
CVE-2011-4303
lib/db/upgrade.php in Moodle 2.0.x prior to 2.0.5 and 2.1.x prior to 2.1.2 does not set the correct registration_hubs.secret value during installation, which allows remote malicious users to bypass intended access restrictions by leveraging the hubs feature.
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
4
CVSSv2
CVE-2011-4304
The chat functionality in Moodle 2.0.x prior to 2.0.5 and 2.1.x prior to 2.1.2 allows remote authenticated users to discover the name of any user via a beep operation.
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
4.3
CVSSv2
CVE-2011-4307
Cross-site scripting (XSS) vulnerability in mod/wiki/lang/en/wiki.php in Moodle 2.0.x prior to 2.0.5 and 2.1.x prior to 2.1.2 allows remote malicious users to inject arbitrary web script or HTML via the section parameter.
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
5
CVSSv2
CVE-2011-4309
Moodle 2.0.x prior to 2.0.5 and 2.1.x prior to 2.1.2 allows remote malicious users to bypass intended access restrictions and perform global searches by leveraging the guest role and making a direct request to a URL.
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
4
CVSSv2
CVE-2011-4590
The web services implementation in Moodle 2.0.x prior to 2.0.6 and 2.1.x prior to 2.1.3 does not properly consider the maintenance-mode state and account attributes during login attempts, which allows remote authenticated users to bypass intended access restrictions by connecting...
Moodle Moodle 2.0.1
Moodle Moodle 2.0.2
Moodle Moodle 2.0.3
Moodle Moodle 2.0.4
Moodle Moodle 2.0.5
Moodle Moodle 2.0.0
Moodle Moodle 2.1.1
Moodle Moodle 2.1.0
Moodle Moodle 2.1.2
4.3
CVSSv2
CVE-2011-4591
Cross-site scripting (XSS) vulnerability in the print_object function in lib/datalib.php in Moodle 2.0.x prior to 2.0.6 and 2.1.x prior to 2.1.3, when a developer debugging script is enabled, allows remote malicious users to inject arbitrary web script or HTML via vectors involvi...
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.0.5
Moodle Moodle 2.0.0
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.0
5
CVSSv2
CVE-2011-4592
The command-line cron implementation in Moodle 2.0.x prior to 2.0.6 and 2.1.x prior to 2.1.3 does not properly interact with IP blocking, which might allow remote malicious users to bypass intended IP address restrictions by leveraging a configuration in which IP blocking was dis...
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.0.5
Moodle Moodle 2.0.0
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »