Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 1.8.2 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2009-4305
SQL injection vulnerability in the SCORM module in Moodle 1.8 prior to 1.8.11 and 1.9 prior to 1.9.7 allows remote authenticated users to execute arbitrary SQL commands via vectors related to an "escaping issue when processing AICC CRS file (Course_Title)."
Moodle Moodle 1.8.2
Moodle Moodle 1.8.3
Moodle Moodle 1.8.4
Moodle Moodle 1.8.5
Moodle Moodle 1.8.7
Moodle Moodle 1.8.1
Moodle Moodle 1.8.9
Moodle Moodle 1.9.5
Moodle Moodle 1.9.1
Moodle Moodle 1.9.2
Moodle Moodle 1.9.3
Moodle Moodle 1.9.4
Moodle Moodle 1.8.8
Moodle Moodle 1.8.10
Moodle Moodle 1.9.6
6.4
CVSSv2
CVE-2009-0499
Cross-site request forgery (CSRF) vulnerability in the forum code in Moodle 1.7 prior to 1.7.7, 1.8 prior to 1.8.8, and 1.9 prior to 1.9.4 allows remote malicious users to delete unauthorized forum posts via a link or IMG tag to post.php.
Moodle Moodle 1.7.5
Moodle Moodle 1.7.6
Moodle Moodle 1.8.5
Moodle Moodle 1.9.2
Moodle Moodle 1.9.1
Moodle Moodle 1.7.3
Moodle Moodle 1.7.4
Moodle Moodle 1.8.4
Moodle Moodle 1.8.6
Moodle Moodle 1.7.1
Moodle Moodle 1.7.2
Moodle Moodle 1.8.2
Moodle Moodle 1.8.3
Moodle Moodle 1.9.3
Moodle Moodle 1.8.1
Moodle Moodle 1.8.7
6
CVSSv2
CVE-2009-4301
mnet/lib.php in Moodle 1.8 prior to 1.8.11 and 1.9 prior to 1.9.7, when MNET services are enabled, does not properly check permissions, which allows remote authenticated servers to execute arbitrary MNET functions.
Moodle Moodle 1.8.1
Moodle Moodle 1.8.2
Moodle Moodle 1.8.3
Moodle Moodle 1.8.4
Moodle Moodle 1.8.7
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.8.9
Moodle Moodle 1.8.10
Moodle Moodle 1.9.1
Moodle Moodle 1.8.5
Moodle Moodle 1.8.8
Moodle Moodle 1.9.2
Moodle Moodle 1.9.4
Moodle Moodle 1.9.6
6
CVSSv2
CVE-2008-3325
Cross-site request forgery (CSRF) vulnerability in Moodle 1.6.x prior to 1.6.7 and 1.7.x prior to 1.7.5 allows remote malicious users to modify profile settings and gain privileges as other users via a link or IMG tag to the user edit profile page.
Moodle Moodle
Debian Debian Linux 4.0
5
CVSSv2
CVE-2013-4522
lib/filelib.php in Moodle up to and including 2.2.11, 2.3.x prior to 2.3.10, 2.4.x prior to 2.4.7, and 2.5.x prior to 2.5.3 does not send "Cache-Control: private" HTTP headers, which allows remote malicious users to obtain sensitive information by requesting a file that...
Moodle Moodle 2.4.0
Moodle Moodle 2.4.1
Moodle Moodle 2.4.2
Moodle Moodle 2.4.3
Moodle Moodle 2.2.9
Moodle Moodle 2.2.8
Moodle Moodle 2.2.7
Moodle Moodle 2.2.6
Moodle Moodle 2.5.0
Moodle Moodle 2.5.2
Moodle Moodle 2.4.5
Moodle Moodle 2.3.0
Moodle Moodle 2.3.5
Moodle Moodle 2.3.7
Moodle Moodle 2.2.4
Moodle Moodle 2.2.2
Moodle Moodle 2.1.7
Moodle Moodle 2.1.5
Moodle Moodle 2.1.1
Moodle Moodle 2.0.9
Moodle Moodle 2.0.2
Moodle Moodle 2.0.0
5
CVSSv2
CVE-2013-1830
user/view.php in Moodle up to and including 2.1.10, 2.2.x prior to 2.2.8, 2.3.x prior to 2.3.5, and 2.4.x prior to 2.4.2 does not enforce the forceloginforprofiles setting, which allows remote malicious users to obtain sensitive course-profile information by leveraging the guest ...
Fedoraproject Fedora 18
Fedoraproject Fedora 17
Moodle Moodle 2.2.4
Moodle Moodle 2.2.5
Moodle Moodle 2.2.3
Moodle Moodle 2.2.1
Moodle Moodle 2.2.2
Moodle Moodle 2.2.7
Moodle Moodle 2.2.6
Moodle Moodle 2.2.0
Moodle Moodle 2.4.1
Moodle Moodle 2.4.0
Moodle Moodle 2.3.2
Moodle Moodle 2.3.4
Moodle Moodle 2.3.1
Moodle Moodle 2.3.0
Moodle Moodle 2.3.3
Moodle Moodle 2.1.5
Moodle Moodle 2.1.2
Moodle Moodle 2.1.9
Moodle Moodle 2.0.3
Moodle Moodle 2.0.7
5
CVSSv2
CVE-2013-1831
lib/setuplib.php in Moodle up to and including 2.1.10, 2.2.x prior to 2.2.8, 2.3.x prior to 2.3.5, and 2.4.x prior to 2.4.2 allows remote malicious users to obtain sensitive information via an invalid request, which reveals the absolute path in an exception message.
Moodle Moodle 2.1.10
Moodle Moodle 2.1.5
Moodle Moodle 2.1.0
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.0.5
Moodle Moodle 2.0.0
Moodle Moodle 1.8.8
Moodle Moodle 1.5
Moodle Moodle 1.6.3
Moodle Moodle 1.3.1
Moodle Moodle 1.9.8
Moodle Moodle 1.8.14
Moodle Moodle 1.5.2
Moodle Moodle 1.5.3
Moodle Moodle 1.8.7
Moodle Moodle 1.9.3
Moodle Moodle 1.8.10
Moodle Moodle 1.8.9
Moodle Moodle 1.9.2
5
CVSSv2
CVE-2009-4298
The LAMS module (mod/lams) for Moodle 1.8 prior to 1.8.11 and 1.9 prior to 1.9.7 stores the (1) username, (2) firstname, and (3) lastname fields within the user table, which allows malicious users to obtain user account information via unknown vectors.
Moodle Moodle 1.8.4
Moodle Moodle 1.8.5
Moodle Moodle 1.8.7
Moodle Moodle 1.8.8
Moodle Moodle 1.8.1
Moodle Moodle 1.8.3
Moodle Moodle 1.8.9
Moodle Moodle 1.9.2
Moodle Moodle 1.9.3
Moodle Moodle 1.9.4
Moodle Moodle 1.9.5
Moodle Moodle 1.8.2
Moodle Moodle 1.8.10
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
5
CVSSv2
CVE-2009-4299
mod/glossary/showentry.php in the Glossary module for Moodle 1.8 prior to 1.8.11 and 1.9 prior to 1.9.7 does not properly perform access control, which allows malicious users to read unauthorized Glossary entries via unknown vectors.
Moodle Moodle 1.8.5
Moodle Moodle 1.8.7
Moodle Moodle 1.8.8
Moodle Moodle 1.8.9
Moodle Moodle 1.8.1
Moodle Moodle 1.8.3
Moodle Moodle 1.9.2
Moodle Moodle 1.9.3
Moodle Moodle 1.9.4
Moodle Moodle 1.9.5
Moodle Moodle 1.9.6
Moodle Moodle 1.8.2
Moodle Moodle 1.8.4
Moodle Moodle 1.8.10
Moodle Moodle 1.9.1
5
CVSSv2
CVE-2009-4300
Multiple unspecified authentication plugins in Moodle 1.8 prior to 1.8.11 and 1.9 prior to 1.9.7 store the MD5 hashes for passwords in the user table, even when the cached hashes are not used by the plugin, which might make it easier for malicious users to obtain credentials via ...
Moodle Moodle 1.8.1
Moodle Moodle 1.8.2
Moodle Moodle 1.9.5
Moodle Moodle 1.9.6
Moodle Moodle 1.8.4
Moodle Moodle 1.8.7
Moodle Moodle 1.9.1
Moodle Moodle 1.9.3
Moodle Moodle 1.8.8
Moodle Moodle 1.8.9
Moodle Moodle 1.8.10
Moodle Moodle 1.8.3
Moodle Moodle 1.8.5
Moodle Moodle 1.9.2
Moodle Moodle 1.9.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »