Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 1.8.6 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2009-0501
Unspecified vulnerability in the Calendar export feature in Moodle 1.8 prior to 1.8.8 and 1.9 prior to 1.9.4 allows malicious users to obtain sensitive information and conduct "brute force attacks on user accounts" via unknown vectors.
Moodle Moodle 1.9.1
Moodle Moodle 1.8.2
Moodle Moodle 1.9.2
Moodle Moodle 1.8.6
Moodle Moodle 1.8.5
Moodle Moodle 1.8.3
Moodle Moodle 1.8.7
Moodle Moodle 1.9.3
Moodle Moodle 1.8.4
Moodle Moodle 1.8.1
570
VMScore
CVE-2009-0499
Cross-site request forgery (CSRF) vulnerability in the forum code in Moodle 1.7 prior to 1.7.7, 1.8 prior to 1.8.8, and 1.9 prior to 1.9.4 allows remote malicious users to delete unauthorized forum posts via a link or IMG tag to post.php.
Moodle Moodle 1.9.1
Moodle Moodle 1.8.2
Moodle Moodle 1.7.6
Moodle Moodle 1.9.2
Moodle Moodle 1.8.6
Moodle Moodle 1.7.1
Moodle Moodle 1.8.5
Moodle Moodle 1.8.3
Moodle Moodle 1.8.7
Moodle Moodle 1.9.3
Moodle Moodle 1.7.3
Moodle Moodle 1.7.2
Moodle Moodle 1.7.5
Moodle Moodle 1.8.4
Moodle Moodle 1.8.1
Moodle Moodle 1.7.4
605
VMScore
CVE-2010-1613
Moodle 1.8.x and 1.9.x prior to 1.9.8 does not enable the "Regenerate session id during login" setting by default, which makes it easier for remote malicious users to conduct session fixation attacks.
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.8.8
Moodle Moodle 1.9.6
Moodle Moodle 1.8.2
Moodle Moodle 1.9.2
Moodle Moodle 1.8.6
Moodle Moodle 1.8.5
Moodle Moodle 1.8.3
Moodle Moodle 1.8.9
Moodle Moodle 1.8.7
Moodle Moodle 1.8.10
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.8.11
Moodle Moodle 1.8.4
Moodle Moodle 1.8.1
Moodle Moodle 1.9.7
383
VMScore
CVE-2010-1614
Multiple cross-site scripting (XSS) vulnerabilities in Moodle 1.8.x prior to 1.8.12 and 1.9.x prior to 1.9.8 allow remote malicious users to inject arbitrary web script or HTML via vectors related to (1) the Login-As feature or (2) when the global search feature is enabled, unspe...
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.8.8
Moodle Moodle 1.9.6
Moodle Moodle 1.8.2
Moodle Moodle 1.9.2
Moodle Moodle 1.8.6
Moodle Moodle 1.8.5
Moodle Moodle 1.8.3
Moodle Moodle 1.8.9
Moodle Moodle 1.8.7
Moodle Moodle 1.8.10
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.8.11
Moodle Moodle 1.8.4
Moodle Moodle 1.8.1
Moodle Moodle 1.9.7
668
VMScore
CVE-2010-1615
Multiple SQL injection vulnerabilities in Moodle 1.8.x prior to 1.8.12 and 1.9.x prior to 1.9.8 allow remote malicious users to execute arbitrary SQL commands via vectors related to (1) the add_to_log function in mod/wiki/view.php in the wiki module, or (2) "data validation ...
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.8.8
Moodle Moodle 1.9.6
Moodle Moodle 1.8.2
Moodle Moodle 1.9.2
Moodle Moodle 1.8.6
Moodle Moodle 1.8.5
Moodle Moodle 1.8.3
Moodle Moodle 1.8.9
Moodle Moodle 1.8.7
Moodle Moodle 1.8.10
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.8.11
Moodle Moodle 1.8.4
Moodle Moodle 1.8.1
Moodle Moodle 1.9.7
356
VMScore
CVE-2010-1616
Moodle 1.8.x and 1.9.x prior to 1.9.8 can create new roles when restoring a course, which allows teachers to create new accounts even if they do not have the moodle/user:create capability.
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.8.8
Moodle Moodle 1.9.6
Moodle Moodle 1.8.2
Moodle Moodle 1.9.2
Moodle Moodle 1.8.6
Moodle Moodle 1.8.5
Moodle Moodle 1.8.3
Moodle Moodle 1.8.9
Moodle Moodle 1.8.7
Moodle Moodle 1.8.10
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.8.11
Moodle Moodle 1.8.4
Moodle Moodle 1.8.1
Moodle Moodle 1.9.7
356
VMScore
CVE-2010-1617
user/view.php in Moodle 1.8.x prior to 1.8.12 and 1.9.x prior to 1.9.8 does not properly check a role, which allows remote authenticated users to obtain the full names of other users via the course profile page.
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.8.8
Moodle Moodle 1.9.6
Moodle Moodle 1.8.2
Moodle Moodle 1.9.2
Moodle Moodle 1.8.6
Moodle Moodle 1.8.5
Moodle Moodle 1.8.3
Moodle Moodle 1.8.9
Moodle Moodle 1.8.7
Moodle Moodle 1.8.10
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.8.11
Moodle Moodle 1.8.4
Moodle Moodle 1.8.1
Moodle Moodle 1.9.7
383
VMScore
CVE-2010-1619
Cross-site scripting (XSS) vulnerability in the fix_non_standard_entities function in the KSES HTML text cleaning library (weblib.php), as used in Moodle 1.8.x prior to 1.8.12 and 1.9.x prior to 1.9.8, allows remote malicious users to inject arbitrary web script or HTML via craft...
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.8.8
Moodle Moodle 1.9.6
Moodle Moodle 1.8.2
Moodle Moodle 1.9.2
Moodle Moodle 1.8.6
Moodle Moodle 1.8.5
Moodle Moodle 1.8.3
Moodle Moodle 1.8.9
Moodle Moodle 1.8.7
Moodle Moodle 1.8.10
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.8.11
Moodle Moodle 1.8.4
Moodle Moodle 1.8.1
Moodle Moodle 1.9.7
383
VMScore
CVE-2009-0502
Cross-site scripting (XSS) vulnerability in blocks/html/block_html.php in Snoopy 1.2.3, as used in Moodle 1.6 prior to 1.6.9, 1.7 prior to 1.7.7, 1.8 prior to 1.8.8, and 1.9 prior to 1.9.4, allows remote malicious users to inject arbitrary web script or HTML via an HTML block, wh...
Snoopy Snoopy 1.2.3
Moodle Moodle 1.7.0
Moodle Moodle 1.7.1
Moodle Moodle 1.7.2
Moodle Moodle 1.7.3
Moodle Moodle 1.7.4
Moodle Moodle 1.7.5
Moodle Moodle 1.7.6
Moodle Moodle 1.8.1
Moodle Moodle 1.8.2
Moodle Moodle 1.8.3
Moodle Moodle 1.8.4
Moodle Moodle 1.8.5
Moodle Moodle 1.8.6
Moodle Moodle 1.8.7
Moodle Moodle 1.9.1
Moodle Moodle 1.9.2
Moodle Moodle 1.9.3
383
VMScore
CVE-2010-1618
Cross-site scripting (XSS) vulnerability in the phpCAS client library prior to 1.1.0, as used in Moodle 1.8.x prior to 1.8.12 and 1.9.x prior to 1.9.8, allows remote malicious users to inject arbitrary web script or HTML via a crafted URL, which is not properly handled in an erro...
Ja-sig Phpcas Client Library 1.0.0
Ja-sig Phpcas Client Library 1.0.1
Moodle Moodle 1.8.1
Moodle Moodle 1.8.2
Moodle Moodle 1.8.3
Moodle Moodle 1.8.4
Moodle Moodle 1.8.5
Moodle Moodle 1.8.6
Moodle Moodle 1.8.7
Moodle Moodle 1.8.8
Moodle Moodle 1.8.9
Moodle Moodle 1.8.10
Moodle Moodle 1.8.11
Moodle Moodle 1.9.1
Moodle Moodle 1.9.2
Moodle Moodle 1.9.3
Moodle Moodle 1.9.4
Moodle Moodle 1.9.5
Moodle Moodle 1.9.6
Moodle Moodle 1.9.7
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30065
CVE-2024-5843
CVE-2024-30080
code execution
CVE-2024-4577
CVE-2024-26169
wireless
remote code execution
CVE-2024-36103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »