Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 1.8.2 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2009-4302
login/index_form.html in Moodle 1.8 prior to 1.8.11 and 1.9 prior to 1.9.7 links to an index page on the HTTP port even when the page is served from an HTTPS port, which might cause login credentials to be sent in cleartext, even when SSL is intended, and allows remote malicious ...
Moodle Moodle 1.8.3
Moodle Moodle 1.8.4
Moodle Moodle 1.8.5
Moodle Moodle 1.8.7
Moodle Moodle 1.8.8
Moodle Moodle 1.9.2
Moodle Moodle 1.9.3
Moodle Moodle 1.9.4
Moodle Moodle 1.9.5
Moodle Moodle 1.8.1
Moodle Moodle 1.8.9
Moodle Moodle 1.8.2
Moodle Moodle 1.8.10
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
5
CVSSv2
CVE-2009-4303
Moodle 1.8 prior to 1.8.11 and 1.9 prior to 1.9.7 stores (1) password hashes and (2) unspecified "secrets" in backup files, which might allow malicious users to obtain sensitive information.
Moodle Moodle 1.8.1
Moodle Moodle 1.8.2
Moodle Moodle 1.8.3
Moodle Moodle 1.8.4
Moodle Moodle 1.8.7
Moodle Moodle 1.8.9
Moodle Moodle 1.9.5
Moodle Moodle 1.8.10
Moodle Moodle 1.9.1
Moodle Moodle 1.9.2
Moodle Moodle 1.9.3
Moodle Moodle 1.8.5
Moodle Moodle 1.8.8
Moodle Moodle 1.9.4
Moodle Moodle 1.9.6
5
CVSSv2
CVE-2009-0501
Unspecified vulnerability in the Calendar export feature in Moodle 1.8 prior to 1.8.8 and 1.9 prior to 1.9.4 allows malicious users to obtain sensitive information and conduct "brute force attacks on user accounts" via unknown vectors.
Moodle Moodle 1.8.6
Moodle Moodle 1.8.5
Moodle Moodle 1.9.2
Moodle Moodle 1.9.1
Moodle Moodle 1.8.1
Moodle Moodle 1.8.2
Moodle Moodle 1.8.7
Moodle Moodle 1.9.3
Moodle Moodle 1.8.3
Moodle Moodle 1.8.4
4.6
CVSSv2
CVE-2013-3630
Moodle up to and including 2.5.2 allows remote authenticated administrators to execute arbitrary programs by configuring the aspell pathname and then triggering a spell-check operation within the TinyMCE editor.
Moodle Moodle 2.5.0
Moodle Moodle 2.4.1
Moodle Moodle 2.3.8
Moodle Moodle 2.3.1
Moodle Moodle 2.2.9
Moodle Moodle 2.2.2
Moodle Moodle 2.2.10
Moodle Moodle 2.1.7
Moodle Moodle 2.1.5
Moodle Moodle 2.0.9
Moodle Moodle 2.0.7
Moodle Moodle 2.0.0
Moodle Moodle 1.9.8
Moodle Moodle 1.9.3
Moodle Moodle 1.9.18
Moodle Moodle 1.9.11
Moodle Moodle 1.9.1
Moodle Moodle 1.8.4
Moodle Moodle 1.8.2
Moodle Moodle 1.8.10
Moodle Moodle 1.6.7
Moodle Moodle 1.6.0
1 EDB exploit
1 Metasploit module
4.3
CVSSv2
CVE-2010-2228
Cross-site scripting (XSS) vulnerability in the MNET access-control interface in Moodle prior to 1.8.13 and 1.9.x prior to 1.9.9 allows remote malicious users to inject arbitrary web script or HTML via vectors involving extended characters in a username.
Moodle Moodle 1.1.1
Moodle Moodle 1.2.0
Moodle Moodle 1.4.1
Moodle Moodle 1.4.2
Moodle Moodle 1.5.3
Moodle Moodle 1.5.0
Moodle Moodle 1.6.7
Moodle Moodle 1.6.8
Moodle Moodle 1.2.1
Moodle Moodle 1.3.0
Moodle Moodle 1.4.3
Moodle Moodle 1.4.4
Moodle Moodle 1.6.0
Moodle Moodle 1.6.1
Moodle Moodle 1.7.1
Moodle Moodle 1.8.1
Moodle Moodle 1.8.2
Moodle Moodle 1.8.9
Moodle Moodle 1.8.10
Moodle Moodle 1.3.1
Moodle Moodle 1.3.2
Moodle Moodle 1.4.5
4.3
CVSSv2
CVE-2010-2229
Multiple cross-site scripting (XSS) vulnerabilities in blog/index.php in Moodle prior to 1.8.13 and 1.9.x prior to 1.9.9 allow remote malicious users to inject arbitrary web script or HTML via unspecified parameters.
Moodle Moodle 1.8.7
Moodle Moodle 1.8.6
Moodle Moodle 1.7.3
Moodle Moodle 1.6.4
Moodle Moodle 1.6.6
Moodle Moodle 1.5.1
Moodle Moodle 1.5.2
Moodle Moodle 1.4.4
Moodle Moodle 1.3.4
Moodle Moodle 1.8.9
Moodle Moodle 1.8.8
Moodle Moodle 1.8.1
Moodle Moodle 1.6.3
Moodle Moodle 1.6.5
Moodle Moodle 1.6.2
Moodle Moodle 1.5
Moodle Moodle 1.4.2
Moodle Moodle 1.4.5
Moodle Moodle 1.2.0
Moodle Moodle 1.1.1
Moodle Moodle
Moodle Moodle 1.8.5
4.3
CVSSv2
CVE-2010-1614
Multiple cross-site scripting (XSS) vulnerabilities in Moodle 1.8.x prior to 1.8.12 and 1.9.x prior to 1.9.8 allow remote malicious users to inject arbitrary web script or HTML via vectors related to (1) the Login-As feature or (2) when the global search feature is enabled, unspe...
Moodle Moodle 1.8.8
Moodle Moodle 1.8.2
Moodle Moodle 1.8.1
Moodle Moodle 1.8.7
Moodle Moodle 1.8.9
Moodle Moodle 1.8.3
Moodle Moodle 1.8.10
Moodle Moodle 1.9.6
Moodle Moodle 1.9.7
Moodle Moodle 1.8.6
Moodle Moodle 1.8.5
Moodle Moodle 1.8.11
Moodle Moodle 1.9.4
Moodle Moodle 1.8.4
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.9.2
Moodle Moodle 1.9.1
4.3
CVSSv2
CVE-2010-1618
Cross-site scripting (XSS) vulnerability in the phpCAS client library prior to 1.1.0, as used in Moodle 1.8.x prior to 1.8.12 and 1.9.x prior to 1.9.8, allows remote malicious users to inject arbitrary web script or HTML via a crafted URL, which is not properly handled in an erro...
Ja-sig Phpcas Client Library 1.0.0
Ja-sig Phpcas Client Library 1.0.1
Ja-sig Phpcas Client Library 1.0.0
Ja-sig Phpcas Client Library 1.0.1
Moodle Moodle 1.8.5
Moodle Moodle 1.8.4
Moodle Moodle 1.9.5
Moodle Moodle 1.9.4
Moodle Moodle 1.8.1
Moodle Moodle 1.8.3
Moodle Moodle 1.8.9
Moodle Moodle 1.8.7
Moodle Moodle 1.9.3
Moodle Moodle 1.8.8
Moodle Moodle 1.8.6
Moodle Moodle 1.9.7
Moodle Moodle 1.9.6
Moodle Moodle 1.8.2
Moodle Moodle 1.8.10
Moodle Moodle 1.8.11
Moodle Moodle 1.9.2
Moodle Moodle 1.9.1
4.3
CVSSv2
CVE-2010-1619
Cross-site scripting (XSS) vulnerability in the fix_non_standard_entities function in the KSES HTML text cleaning library (weblib.php), as used in Moodle 1.8.x prior to 1.8.12 and 1.9.x prior to 1.9.8, allows remote malicious users to inject arbitrary web script or HTML via craft...
Moodle Moodle 1.8.8
Moodle Moodle 1.8.7
Moodle Moodle 1.8.1
Moodle Moodle 1.8.3
Moodle Moodle 1.9.6
Moodle Moodle 1.8.5
Moodle Moodle 1.8.4
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.8.2
Moodle Moodle 1.9.2
Moodle Moodle 1.9.1
Moodle Moodle 1.8.9
Moodle Moodle 1.8.6
Moodle Moodle 1.8.10
Moodle Moodle 1.8.11
Moodle Moodle 1.9.4
Moodle Moodle 1.9.7
4.3
CVSSv2
CVE-2009-1171
The TeX filter in Moodle 1.6 prior to 1.6.9+, 1.7 prior to 1.7.7+, 1.8 prior to 1.8.9, and 1.9 prior to 1.9.5 allows user-assisted malicious users to read arbitrary files via an input command in a "$$" sequence, which causes LaTeX to include the contents of the file.
Moodle Moodle 1.6.4
Moodle Moodle 1.6.1
Moodle Moodle 1.7.1
Moodle Moodle 1.8.5
Moodle Moodle 1.8.4
Moodle Moodle 1.9.3
Moodle Moodle 1.6.7
Moodle Moodle 1.6.8
Moodle Moodle 1.7.6
Moodle Moodle 1.8.2
Moodle Moodle 1.8.1
Moodle Moodle 1.8.8
Moodle Moodle 1.9.4
Moodle Moodle 1.6.3
Moodle Moodle 1.6.5
Moodle Moodle 1.6.0
Moodle Moodle 1.7.4
Moodle Moodle 1.7.5
Moodle Moodle 1.8.3
Moodle Moodle 1.8.6
Moodle Moodle 1.9.2
Moodle Moodle 1.9.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »