Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.8.3 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2021-26812
Cross Site Scripting (XSS) in the Jitsi Meet 2.7 up to and including 2.8.3 plugin for Moodle via the "sessionpriv.php" module. This allows malicious users to craft a malicious URL, which when clicked on by users, can inject javascript code to be run by the application.
356
VMScore
CVE-2016-3733
The "restore teacher" feature in Moodle 3.0 up to and including 3.0.3, 2.9 up to and including 2.9.5, 2.8 up to and including 2.8.11, 2.7 up to and including 2.7.13, and previous versions allows remote authenticated users to overwrite the course idnumber.
Moodle Moodle 2.7.0
Moodle Moodle 2.7.1
Moodle Moodle 2.7.6
Moodle Moodle 2.7.8
Moodle Moodle 2.8.3
Moodle Moodle 2.8.5
Moodle Moodle 2.8.10
Moodle Moodle 2.8.0
Moodle Moodle 2.9.0
Moodle Moodle 2.9.5
Moodle Moodle 3.0.0
Moodle Moodle 3.0.2
Moodle Moodle 2.7.10
Moodle Moodle 2.7.11
Moodle Moodle 2.7.12
Moodle Moodle 2.7.13
Moodle Moodle 2.9.1
Moodle Moodle 2.9.2
Moodle Moodle 2.9.3
Moodle Moodle 2.9.4
Moodle Moodle 2.7.2
Moodle Moodle 2.7.3
356
VMScore
CVE-2016-3729
The user editing form in Moodle 3.0 up to and including 3.0.3, 2.9 up to and including 2.9.5, 2.8 up to and including 2.8.11, 2.7 up to and including 2.7.13, and previous versions allows remote authenticated users to edit profile fields locked by the administrator.
Moodle Moodle 2.7.0
Moodle Moodle 2.7.13
Moodle Moodle 2.8.2
Moodle Moodle 2.8.3
Moodle Moodle 2.8.4
Moodle Moodle 2.9.4
Moodle Moodle 2.9.5
Moodle Moodle 3.0.3
Moodle Moodle 3.0.0
Moodle Moodle 2.7.1
Moodle Moodle 2.7.3
Moodle Moodle 2.7.5
Moodle Moodle 2.7.6
Moodle Moodle 2.7.7
Moodle Moodle 2.7.8
Moodle Moodle 2.8.9
Moodle Moodle 2.8.10
Moodle Moodle 2.8.11
Moodle Moodle 2.8.0
Moodle Moodle 2.8.1
Moodle Moodle 3.0.1
Moodle Moodle 3.0.2
445
VMScore
CVE-2016-3731
Moodle 3.0 up to and including 3.0.3, 2.9 up to and including 2.9.5, and 2.8 up to and including 2.8.11 allows remote malicious users to obtain the names of hidden forums and forum discussions.
Moodle Moodle 2.9.0
Moodle Moodle 2.9.1
Moodle Moodle 2.9.2
Moodle Moodle 2.8.6
Moodle Moodle 2.8.7
Moodle Moodle 2.8.8
Moodle Moodle 2.8.9
Moodle Moodle 2.8.2
Moodle Moodle 2.8.4
Moodle Moodle 2.8.11
Moodle Moodle 2.8.1
Moodle Moodle 2.9.4
Moodle Moodle 3.0.3
Moodle Moodle 3.0.0
Moodle Moodle 3.0.1
Moodle Moodle 2.9.3
Moodle Moodle 2.8.3
Moodle Moodle 2.8.5
Moodle Moodle 2.8.10
Moodle Moodle 2.8.0
Moodle Moodle 2.9.5
Moodle Moodle 3.0.2
605
VMScore
CVE-2016-3734
Cross-site request forgery (CSRF) vulnerability in markposts.php in Moodle 3.0 up to and including 3.0.3, 2.9 up to and including 2.9.5, 2.8 up to and including 2.8.11, 2.7 up to and including 2.7.13 and previous versions allows remote malicious users to hijack the authentication...
Moodle Moodle 2.7.7
Moodle Moodle 2.7.8
Moodle Moodle 2.7.9
Moodle Moodle 2.7.10
Moodle Moodle 2.7.11
Moodle Moodle 2.8.0
Moodle Moodle 2.8.1
Moodle Moodle 2.9.0
Moodle Moodle 2.9.1
Moodle Moodle 2.7.0
Moodle Moodle 2.7.1
Moodle Moodle 2.7.2
Moodle Moodle 2.8.4
Moodle Moodle 2.8.5
Moodle Moodle 2.8.6
Moodle Moodle 2.8.7
Moodle Moodle 3.0.0
Moodle Moodle 2.7.4
Moodle Moodle 2.7.6
Moodle Moodle 2.7.13
Moodle Moodle 2.8.3
Moodle Moodle 2.8.8
356
VMScore
CVE-2016-3732
The capability check to access other badges in Moodle 3.0 up to and including 3.0.3, 2.9 up to and including 2.9.5, 2.8 up to and including 2.8.11, 2.7 up to and including 2.7.13, and previous versions allows remote authenticated users to read the badges of other users.
Moodle Moodle 2.7.4
Moodle Moodle 2.7.5
Moodle Moodle 2.7.6
Moodle Moodle 2.7.7
Moodle Moodle 2.8.9
Moodle Moodle 2.8.10
Moodle Moodle 2.8.11
Moodle Moodle 2.8.0
Moodle Moodle 3.0.0
Moodle Moodle 3.0.1
Moodle Moodle 3.0.2
Moodle Moodle 2.7.0
Moodle Moodle 2.7.12
Moodle Moodle 2.7.13
Moodle Moodle 2.8.2
Moodle Moodle 2.8.3
Moodle Moodle 2.8.4
Moodle Moodle 2.9.3
Moodle Moodle 2.9.4
Moodle Moodle 2.9.5
Moodle Moodle 3.0.3
Moodle Moodle 2.7.1
516
VMScore
CVE-2016-5014
In Moodle 2.x and 3.x, an unenrolled user still receives event monitor notifications even though they can no longer access the course.
Moodle Moodle 3.1.0
Moodle Moodle 3.0.4
Moodle Moodle 2.8.0
Moodle Moodle 2.8.1
Moodle Moodle 2.8.2
Moodle Moodle 2.8.3
Moodle Moodle 2.9.5
Moodle Moodle 2.9.4
Moodle Moodle 2.9.3
Moodle Moodle 2.9.2
Moodle Moodle 2.8.8
Moodle Moodle 2.8.9
Moodle Moodle 2.8.10
Moodle Moodle 3.0.2
Moodle Moodle 3.0.0
Moodle Moodle 2.9.0
Moodle Moodle 2.8.11
Moodle Moodle 2.8.4
Moodle Moodle 2.8.6
Moodle Moodle 3.0.3
Moodle Moodle 3.0.1
Moodle Moodle 2.9.6
516
VMScore
CVE-2016-5013
In Moodle 2.x and 3.x, text injection can occur in email headers, potentially leading to outbound spam.
Moodle Moodle 3.0.4
Moodle Moodle 3.0.3
Moodle Moodle 3.0.0
Moodle Moodle 3.0.1
Moodle Moodle 2.8.5
Moodle Moodle 2.8.6
Moodle Moodle 2.8.7
Moodle Moodle 2.8.8
Moodle Moodle 2.9.2
Moodle Moodle 2.9.0
Moodle Moodle 2.8.12
Moodle Moodle 2.8.11
Moodle Moodle 2.9.5
Moodle Moodle 2.9.4
Moodle Moodle 2.9.1
Moodle Moodle 2.8.0
Moodle Moodle 2.8.2
Moodle Moodle 2.8.4
Moodle Moodle 2.8.9
Moodle Moodle
Moodle Moodle 2.9.6
Moodle Moodle 3.1.0
445
VMScore
CVE-2017-2576
In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums.
Moodle Moodle 3.1.1
Moodle Moodle 3.1.0
Moodle Moodle 3.0.6
Moodle Moodle 3.0.5
Moodle Moodle 2.9.2
Moodle Moodle 2.9.0
Moodle Moodle 2.8.12
Moodle Moodle 2.8.11
Moodle Moodle 3.0.2
Moodle Moodle 2.9.9
Moodle Moodle 2.9.8
Moodle Moodle 2.9.7
Moodle Moodle 2.9.6
Moodle Moodle 2.8.4
Moodle Moodle 2.8.5
Moodle Moodle 2.8.6
Moodle Moodle 2.8.7
Moodle Moodle 3.0.7
Moodle Moodle 3.2.0
Moodle Moodle 3.0.3
Moodle Moodle 3.0.1
Moodle Moodle 2.9.4
445
VMScore
CVE-2016-7038
In Moodle 2.x and 3.x, web service tokens are not invalidated when the user password is changed or forced to be changed.
Moodle Moodle 2.9.7
Moodle Moodle 2.9.6
Moodle Moodle 2.9.5
Moodle Moodle 2.9.4
Moodle Moodle 2.9.3
Moodle Moodle 2.8.7
Moodle Moodle 2.8.8
Moodle Moodle 2.8.9
Moodle Moodle 2.8.10
Moodle Moodle 3.1.1
Moodle Moodle 3.1.0
Moodle Moodle 3.0.5
Moodle Moodle 3.0.4
Moodle Moodle 2.8.11
Moodle Moodle 2.8.0
Moodle Moodle 2.8.1
Moodle Moodle 2.8.2
Moodle Moodle 3.0.0
Moodle Moodle 3.0.2
Moodle Moodle 2.9.2
Moodle Moodle 2.8.12
Moodle Moodle 2.8.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »