Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.1.2 vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv2
CVE-2012-3392
mod/forum/unsubscribeall.php in Moodle 2.1.x prior to 2.1.7 and 2.2.x prior to 2.2.4 does not consider whether a forum is optional, which allows remote authenticated users to bypass forum-subscription requirements by leveraging the student role and unsubscribing from all forums.
Moodle Moodle 2.2.2
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.5
Moodle Moodle 2.1.6
Moodle Moodle 2.1.3
Moodle Moodle 2.2.1
Moodle Moodle 2.2.3
Moodle Moodle 2.1.4
Moodle Moodle 2.1.0
Moodle Moodle 2.2.0
5.5
CVSSv2
CVE-2012-2358
Moodle 2.0.x prior to 2.0.9, 2.1.x prior to 2.1.6, and 2.2.x prior to 2.2.3 allows remote authenticated users to bypass an activity's read-only state and modify the database by leveraging the student role and editing database activity entries that already exist.
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.0.6
Moodle Moodle 2.0.5
Moodle Moodle 2.0.8
Moodle Moodle 2.0.7
Moodle Moodle 2.0.0
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.5
Moodle Moodle 2.1.3
Moodle Moodle 2.1.4
Moodle Moodle 2.1.0
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.0
5.5
CVSSv2
CVE-2012-2366
mod/data/preset.php in Moodle 2.1.x prior to 2.1.6 and 2.2.x prior to 2.2.3 does not properly iterate through an array, which allows remote authenticated users to overwrite arbitrary database activity presets via unspecified vectors.
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.5
Moodle Moodle 2.1.3
Moodle Moodle 2.1.4
Moodle Moodle 2.1.0
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.0
5.5
CVSSv2
CVE-2011-4589
backup/moodle2/restore_stepslib.php in Moodle 2.0.x prior to 2.0.6 and 2.1.x prior to 2.1.3 does not check for the moodle/course:changeidnumber privilege during handling of course ID numbers, which allows remote authenticated users to overwrite ID numbers via a restore action.
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.0.5
Moodle Moodle 2.0.0
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.0
5.5
CVSSv2
CVE-2012-0798
The self-enrolment functionality in Moodle 2.1.x prior to 2.1.4 and 2.2.x prior to 2.2.1 allows remote authenticated users to obtain the manager role by leveraging the teacher role.
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.3
Moodle Moodle 2.1.0
Moodle Moodle 2.2.0
5
CVSSv2
CVE-2014-0216
The My Home implementation in the block_html_pluginfile function in blocks/html/lib.php in Moodle up to and including 2.3.11, 2.4.x prior to 2.4.10, 2.5.x prior to 2.5.6, and 2.6.x prior to 2.6.3 does not properly restrict file access, which allows remote malicious users to obtai...
Moodle Moodle 2.3.8
Moodle Moodle 2.0.2
Moodle Moodle 2.5.1
Moodle Moodle 2.5.3
Moodle Moodle 2.3.4
Moodle Moodle 2.2.2
Moodle Moodle 2.3.1
Moodle Moodle 2.5.5
Moodle Moodle 2.6.1
Moodle Moodle 2.4.3
Moodle Moodle 2.4.1
Moodle Moodle 2.0.1
Moodle Moodle 2.5.2
Moodle Moodle 2.2.9
Moodle Moodle 2.4.9
Moodle Moodle 2.1.2
Moodle Moodle 2.4.2
Moodle Moodle 2.0.4
Moodle Moodle 2.2.6
Moodle Moodle 2.3.6
Moodle Moodle 2.4.6
Moodle Moodle 2.1.10
5
CVSSv2
CVE-2013-4522
lib/filelib.php in Moodle up to and including 2.2.11, 2.3.x prior to 2.3.10, 2.4.x prior to 2.4.7, and 2.5.x prior to 2.5.3 does not send "Cache-Control: private" HTTP headers, which allows remote malicious users to obtain sensitive information by requesting a file that...
Moodle Moodle 2.3.8
Moodle Moodle 1.8.13
Moodle Moodle 2.0.2
Moodle Moodle 2.5.1
Moodle Moodle 1.9.4
Moodle Moodle 1.5.2
Moodle Moodle 2.3.4
Moodle Moodle 1.9.17
Moodle Moodle 2.2.2
Moodle Moodle 1.9.1
Moodle Moodle 1.8.8
Moodle Moodle 1.6.1
Moodle Moodle 2.3.1
Moodle Moodle 1.9.6
Moodle Moodle 1.8.2
Moodle Moodle 1.9.9
Moodle Moodle 1.2.1
Moodle Moodle 2.4.3
Moodle Moodle 1.4.2
Moodle Moodle 2.4.1
Moodle Moodle 1.6.8
Moodle Moodle 2.0.1
5
CVSSv2
CVE-2013-2082
Moodle up to and including 2.1.10, 2.2.x prior to 2.2.10, 2.3.x prior to 2.3.7, and 2.4.x prior to 2.4.4 does not enforce capability requirements for reading blog comments, which allows remote malicious users to obtain sensitive information via a crafted request.
Moodle Moodle 2.1.2
Moodle Moodle 2.1.10
Moodle Moodle 2.1.8
Moodle Moodle 2.1.9
Moodle Moodle 2.1.1
Moodle Moodle 2.1.5
Moodle Moodle 2.1.6
Moodle Moodle 2.1.3
Moodle Moodle 2.1.7
Moodle Moodle 2.1.4
Moodle Moodle 2.1.0
Moodle Moodle 2.2.2
Moodle Moodle 2.2.9
Moodle Moodle 2.2.6
Moodle Moodle 2.2.8
Moodle Moodle 2.2.1
Moodle Moodle 2.2.7
Moodle Moodle 2.2.3
Moodle Moodle 2.2.5
Moodle Moodle 2.2.4
Moodle Moodle 2.2.0
Moodle Moodle 2.3.4
5
CVSSv2
CVE-2013-2083
The MoodleQuickForm class in lib/formslib.php in Moodle up to and including 2.1.10, 2.2.x prior to 2.2.10, 2.3.x prior to 2.3.7, and 2.4.x prior to 2.4.4 does not properly handle a certain array-element syntax, which allows remote malicious users to bypass intended form-data filt...
Moodle Moodle 2.1.2
Moodle Moodle 2.1.10
Moodle Moodle 2.1.8
Moodle Moodle 2.1.9
Moodle Moodle 2.1.1
Moodle Moodle 2.1.5
Moodle Moodle 2.1.6
Moodle Moodle 2.1.3
Moodle Moodle 2.1.7
Moodle Moodle 2.1.4
Moodle Moodle 2.1.0
Moodle Moodle 2.2.2
Moodle Moodle 2.2.9
Moodle Moodle 2.2.6
Moodle Moodle 2.2.8
Moodle Moodle 2.2.1
Moodle Moodle 2.2.7
Moodle Moodle 2.2.3
Moodle Moodle 2.2.5
Moodle Moodle 2.2.4
Moodle Moodle 2.2.0
Moodle Moodle 2.3.4
5
CVSSv2
CVE-2013-1830
user/view.php in Moodle up to and including 2.1.10, 2.2.x prior to 2.2.8, 2.3.x prior to 2.3.5, and 2.4.x prior to 2.4.2 does not enforce the forceloginforprofiles setting, which allows remote malicious users to obtain sensitive course-profile information by leveraging the guest ...
Fedoraproject Fedora 17
Fedoraproject Fedora 18
Moodle Moodle 2.2.2
Moodle Moodle 2.2.6
Moodle Moodle 2.2.1
Moodle Moodle 2.2.7
Moodle Moodle 2.2.3
Moodle Moodle 2.2.5
Moodle Moodle 2.2.4
Moodle Moodle 2.2.0
Moodle Moodle 2.4.1
Moodle Moodle 2.4.0
Moodle Moodle 2.3.4
Moodle Moodle 2.3.1
Moodle Moodle 2.3.3
Moodle Moodle 2.3.2
Moodle Moodle 2.3.0
Moodle Moodle 1.8.13
Moodle Moodle 2.0.2
Moodle Moodle 1.9.4
Moodle Moodle 1.5.2
Moodle Moodle 1.9.17
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044
client side
CVE-2021-47601
deserialization
CVE-2024-34994
encryption
CVE-2021-47609
CVE-2024-37079
CVE-2024-38608
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »