Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 1.9.10 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-0792
mod/forum/user.php in Moodle 1.9.x prior to 1.9.16 allows remote authenticated users to obtain the names and other details of arbitrary user accounts by searching for posts.
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 1.9.11
Moodle Moodle 1.9.2
Moodle Moodle 1.9.12
Moodle Moodle 1.9.10
Moodle Moodle 1.9.3
Moodle Moodle 1.9.13
Moodle Moodle 1.9.5
Moodle Moodle 1.9.14
Moodle Moodle 1.9.15
Moodle Moodle 1.9.8
Moodle Moodle 1.9.7
NA
CVE-2012-2362
Cross-site scripting (XSS) vulnerability in blog/lib.php in the blog implementation in Moodle 1.9.x prior to 1.9.18, when Internet Explorer is used, allows remote malicious users to inject arbitrary web script or HTML via a crafted parameter to blog/index.php.
Moodle Moodle 1.9.4
Moodle Moodle 1.9.17
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 1.9.11
Moodle Moodle 1.9.2
Moodle Moodle 1.9.12
Moodle Moodle 1.9.10
Moodle Moodle 1.9.16
Moodle Moodle 1.9.3
Moodle Moodle 1.9.13
Moodle Moodle 1.9.5
Moodle Moodle 1.9.14
Moodle Moodle 1.9.15
Moodle Moodle 1.9.8
Moodle Moodle 1.9.7
NA
CVE-2012-2363
SQL injection vulnerability in calendar/event.php in the calendar implementation in Moodle 1.9.x prior to 1.9.18 allows remote authenticated users to execute arbitrary SQL commands via a crafted calendar event.
Moodle Moodle 1.9.6
Moodle Moodle 1.9.5
Moodle Moodle 1.9.12
Moodle Moodle 1.9.13
Moodle Moodle 1.9.14
Moodle Moodle 1.9.7
Moodle Moodle 1.9.4
Moodle Moodle 1.9.10
Moodle Moodle 1.9.17
Moodle Moodle 1.9.11
Moodle Moodle 1.9.2
Moodle Moodle 1.9.1
Moodle Moodle 1.9.3
Moodle Moodle 1.9.16
Moodle Moodle 1.9.15
Moodle Moodle 1.9.8
Moodle Moodle 1.9.9
NA
CVE-2011-4294
The error-message functionality in Moodle 1.9.x prior to 1.9.13, 2.0.x prior to 2.0.4, and 2.1.x prior to 2.1.1 does not ensure that a continuation link refers to an http or https URL for the local Moodle instance, which might allow malicious users to trick users into visiting ar...
Moodle Moodle 2.0.2
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 2.0.1
Moodle Moodle 1.9.11
Moodle Moodle 1.9.2
Moodle Moodle 1.9.12
Moodle Moodle 1.9.10
Moodle Moodle 2.0.3
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.9.8
Moodle Moodle 1.9.7
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
NA
CVE-2011-4302
mnet/xmlrpc/client.php in MNET in Moodle 1.9.x prior to 1.9.14, 2.0.x prior to 2.0.5, and 2.1.x prior to 2.1.2 does not properly process the return value of the openssl_verify function, which allows remote malicious users to bypass validation via a crafted certificate.
Moodle Moodle 2.0.2
Moodle Moodle 1.9.4
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 2.0.1
Moodle Moodle 1.9.11
Moodle Moodle 2.0.4
Moodle Moodle 1.9.2
Moodle Moodle 1.9.12
Moodle Moodle 1.9.10
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 1.9.3
Moodle Moodle 1.9.13
Moodle Moodle 1.9.5
Moodle Moodle 1.9.8
Moodle Moodle 1.9.7
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
NA
CVE-2011-4301
The MoodleQuickForm class in the Forms Library in lib/formslib.php in Moodle 1.9.x prior to 1.9.14, 2.0.x prior to 2.0.5, and 2.1.x prior to 2.1.2 does not recognize Forms API setConstant operations, which allows remote malicious users to submit unexpected form content by modifyi...
Moodle Moodle 2.0.2
Moodle Moodle 1.9.4
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 2.0.1
Moodle Moodle 1.9.11
Moodle Moodle 2.0.4
Moodle Moodle 1.9.2
Moodle Moodle 1.9.12
Moodle Moodle 1.9.10
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 1.9.3
Moodle Moodle 1.9.13
Moodle Moodle 1.9.5
Moodle Moodle 1.9.8
Moodle Moodle 1.9.7
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
NA
CVE-2011-4308
mod/forum/user.php in Moodle 1.9.x prior to 1.9.14, 2.0.x prior to 2.0.5, and 2.1.x prior to 2.1.2 allows remote authenticated users to discover the names of other users via unspecified vectors.
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.1.1
Moodle Moodle 1.9.5
Moodle Moodle 1.9.6
Moodle Moodle 1.9.13
Moodle Moodle 1.9.1
Moodle Moodle 1.9.2
Moodle Moodle 1.9.9
Moodle Moodle 1.9.10
Moodle Moodle 2.1.0
Moodle Moodle 2.0.0
Moodle Moodle 1.9.7
Moodle Moodle 1.9.8
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 1.9.3
Moodle Moodle 1.9.4
Moodle Moodle 1.9.11
Moodle Moodle 1.9.12
NA
CVE-2011-4586
CRLF injection vulnerability in calendar/set.php in the Calendar subsystem in Moodle 1.9.x prior to 1.9.15, 2.0.x prior to 2.0.6, and 2.1.x prior to 2.1.3 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified ve...
Moodle Moodle 2.0.2
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 2.0.1
Moodle Moodle 1.9.11
Moodle Moodle 2.1.2
Moodle Moodle 2.0.4
Moodle Moodle 1.9.2
Moodle Moodle 1.9.12
Moodle Moodle 1.9.10
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 1.9.3
Moodle Moodle 2.0.5
Moodle Moodle 1.9.13
Moodle Moodle 1.9.5
Moodle Moodle 1.9.14
Moodle Moodle 1.9.8
Moodle Moodle 1.9.7
Moodle Moodle 2.0.0
NA
CVE-2011-4593
Moodle 1.9.x prior to 1.9.15, 2.0.x prior to 2.0.6, and 2.1.x prior to 2.1.3 does not properly handle user/action_redir group messages, which allows remote authenticated users to discover e-mail addresses by visiting the messaging interface.
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 1.9.11
Moodle Moodle 1.9.2
Moodle Moodle 1.9.12
Moodle Moodle 1.9.10
Moodle Moodle 1.9.3
Moodle Moodle 1.9.13
Moodle Moodle 1.9.5
Moodle Moodle 1.9.14
Moodle Moodle 1.9.8
Moodle Moodle 1.9.7
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.0.5
Moodle Moodle 2.0.0
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
NA
CVE-2011-4584
The MNET authentication functionality in Moodle 1.9.x prior to 1.9.15, 2.0.x prior to 2.0.6, and 2.1.x prior to 2.1.3 allows remote authenticated users to impersonate other user accounts by using the Login As feature in conjunction with a remote MNET single sign-on capability, as...
Moodle Moodle 2.0.2
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 2.0.1
Moodle Moodle 1.9.11
Moodle Moodle 2.1.2
Moodle Moodle 2.0.4
Moodle Moodle 1.9.2
Moodle Moodle 1.9.12
Moodle Moodle 1.9.10
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 1.9.3
Moodle Moodle 2.0.5
Moodle Moodle 1.9.13
Moodle Moodle 1.9.5
Moodle Moodle 1.9.14
Moodle Moodle 1.9.8
Moodle Moodle 1.9.7
Moodle Moodle 2.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »