Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2022-30600
A flaw was found in moodle where logic used to count failed login attempts could result in the account lockout threshold being bypassed.
Moodle Moodle
Moodle Moodle 4.0.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
1 Github repository
668
VMScore
CVE-2022-0332
A flaw was found in Moodle in versions 3.11 to 3.11.4. An SQL injection risk was identified in the h5p activity web service responsible for fetching user attempt data.
Moodle Moodle
1 Github repository
668
VMScore
CVE-2021-3943
A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and previous versions unsupported versions. A remote code execution risk when restoring backup files was identified.
Moodle Moodle
668
VMScore
CVE-2019-15536
The Acclaim block plugin prior to 2019-06-26 for Moodle allows SQL Injection via delete_records.
Youracclaim Acclaim
668
VMScore
CVE-2019-3809
A flaw was found in Moodle versions 3.1 to 3.1.15 and previous versions unsupported versions. The mybackpack functionality allowed setting the URL of badges, when it should be restricted to the Mozilla Open Badges backpack URL. This resulted in the possibility of blind SSRF via r...
Moodle Moodle
668
VMScore
CVE-2018-10891
A flaw was found in moodle prior to 3.5.1, 3.4.4, 3.3.7, 3.1.13. When a quiz question bank is imported, it was possible for the question preview that is displayed to execute JavaScript that is written into the question bank.
Moodle Moodle
668
VMScore
CVE-2014-7845
The generate_password function in Moodle up to and including 2.4.11, 2.5.x prior to 2.5.9, 2.6.x prior to 2.6.6, and 2.7.x prior to 2.7.3 does not provide a sufficient number of possible temporary passwords, which allows remote malicious users to obtain access via a brute-force a...
Moodle Moodle 2.5.0
Moodle Moodle 2.6.0
Moodle Moodle 2.6.1
Moodle Moodle 2.6.2
Moodle Moodle 2.6.3
Moodle Moodle 2.5.8
Moodle Moodle 2.5.7
Moodle Moodle 2.5.6
Moodle Moodle 2.5.5
Moodle Moodle 2.7.2
Moodle Moodle
Moodle Moodle 2.5.4
Moodle Moodle 2.5.2
Moodle Moodle 2.6.4
Moodle Moodle 2.7.0
Moodle Moodle 2.5.3
Moodle Moodle 2.5.1
Moodle Moodle 2.6.5
Moodle Moodle 2.7.1
668
VMScore
CVE-2014-3541
The Repositories component in Moodle up to and including 2.3.11, 2.4.x prior to 2.4.11, 2.5.x prior to 2.5.7, 2.6.x prior to 2.6.4, and 2.7.x prior to 2.7.1 allows remote malicious users to conduct PHP object injection attacks and execute arbitrary code via serialized data associ...
Moodle Moodle 2.4.5
Moodle Moodle 2.4.7
Moodle Moodle 2.4.0
Moodle Moodle 2.4.1
Moodle Moodle 2.4.2
Moodle Moodle 2.4.3
Moodle Moodle 2.4.8
Moodle Moodle 2.4.9
Moodle Moodle 2.4.10
Moodle Moodle 2.4.4
Moodle Moodle 2.4.6
Moodle Moodle 2.5.0
Moodle Moodle 2.5.2
Moodle Moodle 2.5.4
Moodle Moodle 2.5.5
Moodle Moodle 2.5.6
Moodle Moodle 2.5.1
Moodle Moodle 2.5.3
Moodle Moodle 2.7.0
Moodle Moodle 2.3.0
Moodle Moodle 2.3.10
Moodle Moodle 2.3.7
668
VMScore
CVE-2013-5674
badges/external.php in Moodle 2.5.x prior to 2.5.2 does not properly handle an object obtained by unserializing a description of an external badge, which allows remote malicious users to conduct PHP object injection attacks via unspecified vectors, as demonstrated by overwriting ...
Moodle Moodle 2.5.0
Moodle Moodle 2.5.1
1 Github repository
668
VMScore
CVE-2013-4313
Moodle up to and including 2.2.11, 2.3.x prior to 2.3.9, 2.4.x prior to 2.4.6, and 2.5.x prior to 2.5.2 does not prevent use of '\0' characters in query strings, which might allow remote malicious users to conduct SQL injection attacks against Microsoft SQL Server via a...
Moodle Moodle 2.3.3
Moodle Moodle 2.3.4
Moodle Moodle 2.3.5
Moodle Moodle 2.3.6
Moodle Moodle 2.2.9
Moodle Moodle 2.4.1
Moodle Moodle 2.4.2
Moodle Moodle 2.4.3
Moodle Moodle 2.4.4
Moodle Moodle 2.2.10
Moodle Moodle
Moodle Moodle 2.2.2
Moodle Moodle 2.2.3
Moodle Moodle 2.5.1
Moodle Moodle 2.3.0
Moodle Moodle 2.3.2
Moodle Moodle 2.3.7
Moodle Moodle 2.2.0
Moodle Moodle 2.2.5
Moodle Moodle 2.2.7
Moodle Moodle 2.5.0
Moodle Moodle 2.4.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »