Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 1.8.11 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2009-4303
Moodle 1.8 prior to 1.8.11 and 1.9 prior to 1.9.7 stores (1) password hashes and (2) unspecified "secrets" in backup files, which might allow malicious users to obtain sensitive information.
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.8.8
Moodle Moodle 1.9.6
Moodle Moodle 1.8.2
Moodle Moodle 1.9.2
Moodle Moodle 1.8.5
Moodle Moodle 1.8.3
Moodle Moodle 1.8.9
Moodle Moodle 1.8.7
Moodle Moodle 1.8.10
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.8.4
Moodle Moodle 1.8.1
668
VMScore
CVE-2009-4304
Moodle 1.8 prior to 1.8.11 and 1.9 prior to 1.9.7 does not use a random password salt in config.php, which makes it easier for malicious users to conduct brute-force password guessing attacks.
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.8.8
Moodle Moodle 1.9.6
Moodle Moodle 1.8.2
Moodle Moodle 1.9.2
Moodle Moodle 1.8.5
Moodle Moodle 1.8.3
Moodle Moodle 1.8.9
Moodle Moodle 1.8.7
Moodle Moodle 1.8.10
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.8.4
Moodle Moodle 1.8.1
605
VMScore
CVE-2009-4297
Multiple cross-site request forgery (CSRF) vulnerabilities in Moodle 1.8 prior to 1.8.11 and 1.9 prior to 1.9.7 allow remote malicious users to hijack the authentication of unspecified victims via unknown vectors.
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.8.8
Moodle Moodle 1.9.6
Moodle Moodle 1.8.2
Moodle Moodle 1.9.2
Moodle Moodle 1.8.5
Moodle Moodle 1.8.3
Moodle Moodle 1.8.9
Moodle Moodle 1.8.7
Moodle Moodle 1.8.10
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.8.4
Moodle Moodle 1.8.1
445
VMScore
CVE-2009-4298
The LAMS module (mod/lams) for Moodle 1.8 prior to 1.8.11 and 1.9 prior to 1.9.7 stores the (1) username, (2) firstname, and (3) lastname fields within the user table, which allows malicious users to obtain user account information via unknown vectors.
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.8.8
Moodle Moodle 1.9.6
Moodle Moodle 1.8.2
Moodle Moodle 1.9.2
Moodle Moodle 1.8.5
Moodle Moodle 1.8.3
Moodle Moodle 1.8.9
Moodle Moodle 1.8.7
Moodle Moodle 1.8.10
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.8.4
Moodle Moodle 1.8.1
445
VMScore
CVE-2009-4299
mod/glossary/showentry.php in the Glossary module for Moodle 1.8 prior to 1.8.11 and 1.9 prior to 1.9.7 does not properly perform access control, which allows malicious users to read unauthorized Glossary entries via unknown vectors.
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.8.8
Moodle Moodle 1.9.6
Moodle Moodle 1.8.2
Moodle Moodle 1.9.2
Moodle Moodle 1.8.5
Moodle Moodle 1.8.3
Moodle Moodle 1.8.9
Moodle Moodle 1.8.7
Moodle Moodle 1.8.10
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.8.4
Moodle Moodle 1.8.1
534
VMScore
CVE-2009-4301
mnet/lib.php in Moodle 1.8 prior to 1.8.11 and 1.9 prior to 1.9.7, when MNET services are enabled, does not properly check permissions, which allows remote authenticated servers to execute arbitrary MNET functions.
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.8.8
Moodle Moodle 1.9.6
Moodle Moodle 1.8.2
Moodle Moodle 1.9.2
Moodle Moodle 1.8.5
Moodle Moodle 1.8.3
Moodle Moodle 1.8.9
Moodle Moodle 1.8.7
Moodle Moodle 1.8.10
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.8.4
Moodle Moodle 1.8.1
578
VMScore
CVE-2009-4305
SQL injection vulnerability in the SCORM module in Moodle 1.8 prior to 1.8.11 and 1.9 prior to 1.9.7 allows remote authenticated users to execute arbitrary SQL commands via vectors related to an "escaping issue when processing AICC CRS file (Course_Title)."
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.8.8
Moodle Moodle 1.9.6
Moodle Moodle 1.8.2
Moodle Moodle 1.9.2
Moodle Moodle 1.8.5
Moodle Moodle 1.8.3
Moodle Moodle 1.8.9
Moodle Moodle 1.8.7
Moodle Moodle 1.8.10
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.8.4
Moodle Moodle 1.8.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29824
CVE-2024-30095
CVE-2024-30104
client side
CVE-2024-5840
CVE-2024-34405
unprivileged
wireless
CVE-2024-4577
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3