Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-30599
A flaw was found in moodle where an SQL injection risk was identified in Badges code relating to configuring criteria.
Moodle Moodle
Moodle Moodle 4.0.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
9.8
CVSSv3
CVE-2022-0332
A flaw was found in Moodle in versions 3.11 to 3.11.4. An SQL injection risk was identified in the h5p activity web service responsible for fetching user attempt data.
Moodle Moodle
1 Github repository
9.8
CVSSv3
CVE-2021-3943
A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and previous versions unsupported versions. A remote code execution risk when restoring backup files was identified.
Moodle Moodle
9.8
CVSSv3
CVE-2019-15536
The Acclaim block plugin prior to 2019-06-26 for Moodle allows SQL Injection via delete_records.
Youracclaim Acclaim
9.8
CVSSv3
CVE-2017-2641
In Moodle 2.x and 3.x, SQL injection can occur via user preferences.
Moodle Moodle 2.7.6
Moodle Moodle 2.7.7
Moodle Moodle 2.7.8
Moodle Moodle 2.7.15
Moodle Moodle 2.7.16
Moodle Moodle 3.0.1
Moodle Moodle 3.0.2
Moodle Moodle 3.0.0
Moodle Moodle 3.2.0
Moodle Moodle 2.7.1
Moodle Moodle 2.7.9
Moodle Moodle 2.7.10
Moodle Moodle 2.7.17
Moodle Moodle 2.7.18
Moodle Moodle 3.0.3
Moodle Moodle 3.0.4
Moodle Moodle 3.1.0
Moodle Moodle 3.1.4
Moodle Moodle 2.7.2
Moodle Moodle 2.7.3
Moodle Moodle 2.7.11
Moodle Moodle 2.7.12
1 EDB exploit
9.1
CVSSv3
CVE-2022-45152
A blind Server-Side Request Forgery (SSRF) vulnerability was found in Moodle. This flaw exists due to insufficient validation of user-supplied input in LTI provider library. The library does not utilise Moodle's inbuilt cURL helper, which resulted in a blind SSRF risk. An at...
Moodle Moodle
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Extra Packages For Enterprise Linux 7.0
Fedoraproject Fedora 37
9.1
CVSSv3
CVE-2021-21809
A command execution vulnerability exists in the default legacy spellchecker plugin in Moodle 3.10. A specially crafted series of HTTP requests can lead to command execution. An attacker must have administrator privileges to exploit this vulnerabilities.
Moodle Moodle 3.10.0
1 Github repository
9.1
CVSSv3
CVE-2019-14880
A vulnerability was found in Moodle versions 3.7 prior to 3.7.3, 3.6 prior to 3.6.7, 3.5 prior to 3.5.9 and previous versions. OAuth 2 providers who do not verify users' email address changes require additional verification during sign-up to reduce the risk of account compro...
Moodle Moodle
8.8
CVSSv3
CVE-2023-5539
A remote code execution risk was identified in the Lesson activity. By default this was only available to teachers and managers.
Moodle Moodle
Fedoraproject Extra Packages For Enterprise Linux 7.0
Fedoraproject Fedora 38
8.8
CVSSv3
CVE-2023-5540
A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers.
Moodle Moodle
Fedoraproject Extra Packages For Enterprise Linux 7.0
Fedoraproject Fedora 38
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgery
CVE-2024-34351
CVE-2024-1076
CVE-2024-25522
CVE-2024-34547
CVE-2024-4644
unauthorized
remote
CVE-2024-4671
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »