Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.1.2 vulnerabilities and exploits
(subscribe to this query)
436
VMScore
CVE-2011-4582
Open redirect vulnerability in the Calendar set page in Moodle 2.1.x prior to 2.1.3 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a redirection URL.
Moodle Moodle 2.1.0
Moodle Moodle 2.1.1
Moodle Moodle 2.1.2
668
VMScore
CVE-2012-0801
lib/formslib.php in Moodle 2.1.x prior to 2.1.4 and 2.2.x prior to 2.2.1 does not properly handle multiple instances of a form element, which has unspecified impact and remote attack vectors.
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.3
Moodle Moodle 2.1.0
Moodle Moodle 2.2.0
490
VMScore
CVE-2012-0798
The self-enrolment functionality in Moodle 2.1.x prior to 2.1.4 and 2.2.x prior to 2.2.1 allows remote authenticated users to obtain the manager role by leveraging the teacher role.
Moodle Moodle 2.1.0
Moodle Moodle 2.1.2
Moodle Moodle 2.2.0
Moodle Moodle 2.1.1
Moodle Moodle 2.1.3
356
VMScore
CVE-2011-4581
mod/wiki/pagelib.php in Moodle 2.0.x prior to 2.0.6 and 2.1.x prior to 2.1.3 allows remote authenticated users to discover the username of a wiki creator by visiting the history and deletion user interface.
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.0.5
Moodle Moodle 2.0.0
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.0
578
VMScore
CVE-2011-4583
Moodle 2.0.x prior to 2.0.6 and 2.1.x prior to 2.1.3 displays web service tokens associated with (1) disabled services and (2) users who no longer have authorization, which allows remote authenticated users to have an unspecified impact by reading these tokens.
Moodle Moodle 2.1.1
Moodle Moodle 2.1.0
Moodle Moodle 2.1.2
Moodle Moodle 2.0.4
Moodle Moodle 2.0.0
Moodle Moodle 2.0.1
Moodle Moodle 2.0.2
Moodle Moodle 2.0.3
Moodle Moodle 2.0.5
445
VMScore
CVE-2011-4592
The command-line cron implementation in Moodle 2.0.x prior to 2.0.6 and 2.1.x prior to 2.1.3 does not properly interact with IP blocking, which might allow remote malicious users to bypass intended IP address restrictions by leveraging a configuration in which IP blocking was dis...
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.0.5
Moodle Moodle 2.0.0
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.0
356
VMScore
CVE-2011-4590
The web services implementation in Moodle 2.0.x prior to 2.0.6 and 2.1.x prior to 2.1.3 does not properly consider the maintenance-mode state and account attributes during login attempts, which allows remote authenticated users to bypass intended access restrictions by connecting...
Moodle Moodle 2.0.1
Moodle Moodle 2.0.2
Moodle Moodle 2.0.3
Moodle Moodle 2.0.4
Moodle Moodle 2.0.5
Moodle Moodle 2.0.0
Moodle Moodle 2.1.1
Moodle Moodle 2.1.0
Moodle Moodle 2.1.2
383
VMScore
CVE-2011-4591
Cross-site scripting (XSS) vulnerability in the print_object function in lib/datalib.php in Moodle 2.0.x prior to 2.0.6 and 2.1.x prior to 2.1.3, when a developer debugging script is enabled, allows remote malicious users to inject arbitrary web script or HTML via vectors involvi...
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.0.5
Moodle Moodle 2.0.0
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.0
356
VMScore
CVE-2012-2353
Moodle 2.1.x prior to 2.1.6 and 2.2.x prior to 2.2.3 allows remote authenticated users to obtain sensitive user information from hidden fields by leveraging the teacher role and navigating to "Enrolled users" under the Users Settings section.
Moodle Moodle 2.1.0
Moodle Moodle 2.1.5
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.1.3
Moodle Moodle 2.1.1
Moodle Moodle 2.2.0
Moodle Moodle 2.2.1
Moodle Moodle 2.2.2
356
VMScore
CVE-2012-2354
Moodle 2.1.x prior to 2.1.6 and 2.2.x prior to 2.2.3 allows remote authenticated users to bypass the moodle/site:readallmessages capability requirement and read arbitrary messages by using the "Recent conversations" feature with a modified parameter in a URL.
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.5
Moodle Moodle 2.1.3
Moodle Moodle 2.1.4
Moodle Moodle 2.1.0
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2024-20360
CVE-2021-47559
XXE
CVE-2024-5229
CVE-2021-47543
CVE-2021-47571
SSTI
CVE-2024-4978
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »