Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 1.4.4 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2006-0410
SQL injection vulnerability in ADOdb prior to 4.71, when using PostgreSQL, allows remote malicious users to execute arbitrary SQL commands via unspecified attack vectors involving binary strings.
John Lim Adodb 4.66
John Lim Adodb 4.70
John Lim Adodb 4.68
4.6
CVSSv2
CVE-2013-3630
Moodle up to and including 2.5.2 allows remote authenticated administrators to execute arbitrary programs by configuring the aspell pathname and then triggering a spell-check operation within the TinyMCE editor.
Moodle Moodle 2.3.8
Moodle Moodle 1.8.13
Moodle Moodle 2.0.2
Moodle Moodle 2.5.1
Moodle Moodle 1.9.4
Moodle Moodle 1.5.2
Moodle Moodle 2.3.4
Moodle Moodle
Moodle Moodle 1.9.17
Moodle Moodle 2.2.2
Moodle Moodle 1.9.1
Moodle Moodle 1.8.8
Moodle Moodle 1.6.1
Moodle Moodle 2.3.1
Moodle Moodle 1.9.6
Moodle Moodle 1.8.2
Moodle Moodle 1.9.9
Moodle Moodle 1.2.1
Moodle Moodle 2.4.3
Moodle Moodle 1.4.2
Moodle Moodle 2.4.1
Moodle Moodle 1.6.8
1 EDB exploit
1 Metasploit module
4.3
CVSSv2
CVE-2010-2228
Cross-site scripting (XSS) vulnerability in the MNET access-control interface in Moodle prior to 1.8.13 and 1.9.x prior to 1.9.9 allows remote malicious users to inject arbitrary web script or HTML via vectors involving extended characters in a username.
Moodle Moodle 1.5.2
Moodle Moodle 1.8.8
Moodle Moodle 1.6.1
Moodle Moodle 1.8.2
Moodle Moodle 1.2.1
Moodle Moodle 1.4.2
Moodle Moodle 1.6.8
Moodle Moodle 1.6.5
Moodle Moodle 1.3.3
Moodle Moodle 1.4.3
Moodle Moodle
Moodle Moodle 1.4.5
Moodle Moodle 1.7.6
Moodle Moodle 1.6.2
Moodle Moodle 1.8.6
Moodle Moodle 1.7.1
Moodle Moodle 1.8.5
Moodle Moodle 1.8.3
Moodle Moodle 1.3.2
Moodle Moodle 1.8.9
Moodle Moodle 1.8.7
Moodle Moodle 1.8.10
4.3
CVSSv2
CVE-2010-2229
Multiple cross-site scripting (XSS) vulnerabilities in blog/index.php in Moodle prior to 1.8.13 and 1.9.x prior to 1.9.9 allow remote malicious users to inject arbitrary web script or HTML via unspecified parameters.
Moodle Moodle 1.5.2
Moodle Moodle 1.8.8
Moodle Moodle 1.6.1
Moodle Moodle 1.8.2
Moodle Moodle 1.2.1
Moodle Moodle 1.4.2
Moodle Moodle 1.6.8
Moodle Moodle 1.6.5
Moodle Moodle 1.3.3
Moodle Moodle 1.4.3
Moodle Moodle
Moodle Moodle 1.4.5
Moodle Moodle 1.7.6
Moodle Moodle 1.6.2
Moodle Moodle 1.8.6
Moodle Moodle 1.7.1
Moodle Moodle 1.8.5
Moodle Moodle 1.8.3
Moodle Moodle 1.3.2
Moodle Moodle 1.8.9
Moodle Moodle 1.8.7
Moodle Moodle 1.8.10
4.3
CVSSv2
CVE-2008-5432
Cross-site scripting (XSS) vulnerability in Moodle prior to 1.6.8, 1.7 prior to 1.7.6, 1.8 prior to 1.8.7, and 1.9 prior to 1.9.3 allows remote malicious users to inject arbitrary web script or HTML via a Wiki page name (aka page title).
Moodle Moodle 1.5.2
Moodle Moodle 1.9.1
Moodle Moodle 1.6.1
Moodle Moodle 1.8.2
Moodle Moodle 1.2.1
Moodle Moodle 1.4.2
Moodle Moodle 1.6.5
Moodle Moodle 1.3.3
Moodle Moodle 1.4.3
Moodle Moodle 1.4.5
Moodle Moodle 1.9.2
Moodle Moodle 1.8.6
Moodle Moodle 1.7.1
Moodle Moodle
Moodle Moodle 1.8.5
Moodle Moodle 1.8.3
Moodle Moodle 1.3.2
Moodle Moodle 1.6.4
Moodle Moodle 1.1.1
Moodle Moodle 1.3.1
Moodle Moodle 1.4.4
Moodle Moodle 1.7.3
4.3
CVSSv2
CVE-2008-1502
The _bad_protocol_once function in phpgwapi/inc/class.kses.inc.php in KSES, as used in eGroupWare prior to 1.4.003, Moodle prior to 1.8.5, and other products, allows remote malicious users to bypass HTML filtering and conduct cross-site scripting (XSS) attacks via a string contai...
Egroupware Egroupware 1.0
Moodle Moodle 1.5.2
Moodle Moodle 1.6.1
Moodle Moodle 1.8.2
Egroupware Egroupware
Moodle Moodle 1.2.1
Moodle Moodle 1.4.2
Moodle Moodle 1.6.5
Moodle Moodle 1.3.3
Moodle Moodle 1.4.3
Egroupware Egroupware 1.0.6
Moodle Moodle 1.4.5
Moodle Moodle 1.7.6
Moodle Moodle 1.6.2
Moodle Moodle 1.7.1
Moodle Moodle
Egroupware Egroupware 1.2.106-2
Moodle Moodle 1.8.3
Moodle Moodle 1.3.2
Egroupware Egroupware 1.0.3
Moodle Moodle 1.6.4
Moodle Moodle 1.1.1
4.3
CVSSv2
CVE-2006-0806
Multiple cross-site scripting (XSS) vulnerabilities in ADOdb 4.71, as used in multiple packages such as phpESP, allow remote malicious users to inject arbitrary web script or HTML via (1) the next_page parameter in adodb-pager.inc.php and (2) other unspecified vectors related to ...
John Lim Adodb 4.71
John Lim Adodb 4.66
John Lim Adodb 4.70
John Lim Adodb 4.68
1 EDB exploit
4
CVSSv2
CVE-2010-2230
The KSES text cleaning filter in lib/weblib.php in Moodle prior to 1.8.13 and 1.9.x prior to 1.9.9 does not properly handle vbscript URIs, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks via HTML input.
Moodle Moodle 1.5.2
Moodle Moodle 1.8.8
Moodle Moodle 1.6.1
Moodle Moodle 1.8.2
Moodle Moodle 1.2.1
Moodle Moodle 1.4.2
Moodle Moodle 1.6.8
Moodle Moodle 1.6.5
Moodle Moodle 1.3.3
Moodle Moodle 1.4.3
Moodle Moodle
Moodle Moodle 1.4.5
Moodle Moodle 1.7.6
Moodle Moodle 1.6.2
Moodle Moodle 1.8.6
Moodle Moodle 1.7.1
Moodle Moodle 1.8.5
Moodle Moodle 1.8.3
Moodle Moodle 1.3.2
Moodle Moodle 1.8.9
Moodle Moodle 1.8.7
Moodle Moodle 1.8.10
3.5
CVSSv2
CVE-2013-4523
Cross-site scripting (XSS) vulnerability in message/lib.php in Moodle up to and including 2.2.11, 2.3.x prior to 2.3.10, 2.4.x prior to 2.4.7, and 2.5.x prior to 2.5.3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted message.
Moodle Moodle 2.3.8
Moodle Moodle 1.8.13
Moodle Moodle 2.0.2
Moodle Moodle 2.5.1
Moodle Moodle 1.9.4
Moodle Moodle 1.5.2
Moodle Moodle 2.3.4
Moodle Moodle 1.9.17
Moodle Moodle 2.2.2
Moodle Moodle 1.9.1
Moodle Moodle 1.8.8
Moodle Moodle 1.6.1
Moodle Moodle 2.3.1
Moodle Moodle 1.9.6
Moodle Moodle 1.8.2
Moodle Moodle 1.9.9
Moodle Moodle 1.2.1
Moodle Moodle 2.4.3
Moodle Moodle 1.4.2
Moodle Moodle 2.4.1
Moodle Moodle 1.6.8
Moodle Moodle 2.0.1
3.5
CVSSv2
CVE-2013-4525
Cross-site scripting (XSS) vulnerability in mod/quiz/report/responses/responses_table.php in Moodle up to and including 2.2.11, 2.3.x prior to 2.3.10, 2.4.x prior to 2.4.7, and 2.5.x prior to 2.5.3 allows remote authenticated users to inject arbitrary web script or HTML via an an...
Moodle Moodle 2.3.8
Moodle Moodle 1.8.13
Moodle Moodle 2.0.2
Moodle Moodle 2.5.1
Moodle Moodle 1.9.4
Moodle Moodle 1.5.2
Moodle Moodle 2.3.4
Moodle Moodle 1.9.17
Moodle Moodle 2.2.2
Moodle Moodle 1.9.1
Moodle Moodle 1.8.8
Moodle Moodle 1.6.1
Moodle Moodle 2.3.1
Moodle Moodle 1.9.6
Moodle Moodle 1.8.2
Moodle Moodle 1.9.9
Moodle Moodle 1.2.1
Moodle Moodle 2.4.3
Moodle Moodle 1.4.2
Moodle Moodle 2.4.1
Moodle Moodle 1.6.8
Moodle Moodle 2.0.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2