Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.2.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-4402
webservice/lib.php in Moodle 2.1.x prior to 2.1.8, 2.2.x prior to 2.2.5, and 2.3.x prior to 2.3.2 does not properly restrict the use of web-service tokens, which allows remote authenticated users to run arbitrary external-service functions via a token intended for only one servic...
Moodle Moodle 2.1.3
Moodle Moodle 2.1.7
Moodle Moodle 2.1.1
Moodle Moodle 2.1.0
Moodle Moodle 2.1.5
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.1.6
Moodle Moodle 2.2.4
Moodle Moodle 2.2.0
Moodle Moodle 2.2.3
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.3.1
Moodle Moodle 2.3.0
NA
CVE-2012-4408
course/reset.php in Moodle 2.1.x prior to 2.1.8, 2.2.x prior to 2.2.5, and 2.3.x prior to 2.3.2 checks an update capability instead of a reset capability, which allows remote authenticated users to bypass intended access restrictions via a reset operation.
Moodle Moodle 2.1.5
Moodle Moodle 2.1.7
Moodle Moodle 2.1.0
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.1.6
Moodle Moodle 2.1.1
Moodle Moodle 2.1.3
Moodle Moodle 2.2.3
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.4
Moodle Moodle 2.2.0
Moodle Moodle 2.3.0
Moodle Moodle 2.3.1
NA
CVE-2012-4407
lib/filelib.php in Moodle 2.1.x prior to 2.1.8, 2.2.x prior to 2.2.5, and 2.3.x prior to 2.3.2 does not properly check the publication state of blog files, which allows remote malicious users to obtain sensitive information by reading a blog entry that references a non-public fil...
Moodle Moodle 2.1.4
Moodle Moodle 2.1.0
Moodle Moodle 2.1.2
Moodle Moodle 2.1.6
Moodle Moodle 2.1.1
Moodle Moodle 2.1.3
Moodle Moodle 2.1.5
Moodle Moodle 2.1.7
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.4
Moodle Moodle 2.2.0
Moodle Moodle 2.2.3
Moodle Moodle 2.3.1
Moodle Moodle 2.3.0
NA
CVE-2012-2360
Cross-site scripting (XSS) vulnerability in the Wiki subsystem in Moodle 2.0.x prior to 2.0.9, 2.1.x prior to 2.1.6, and 2.2.x prior to 2.2.3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted string that is inserted into a page title.
Moodle Moodle 2.0.6
Moodle Moodle 2.0.5
Moodle Moodle 2.0.0
Moodle Moodle 2.0.8
Moodle Moodle 2.0.4
Moodle Moodle 2.0.2
Moodle Moodle 2.0.3
Moodle Moodle 2.0.1
Moodle Moodle 2.0.7
Moodle Moodle 2.1.4
Moodle Moodle 2.1.1
Moodle Moodle 2.1.3
Moodle Moodle 2.1.0
Moodle Moodle 2.1.5
Moodle Moodle 2.1.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.2
Moodle Moodle 2.2.0
NA
CVE-2012-2365
Cross-site scripting (XSS) vulnerability in Moodle 2.0.x prior to 2.0.9, 2.1.x prior to 2.1.6, and 2.2.x prior to 2.2.3 allows remote authenticated users to inject arbitrary web script or HTML via the idnumber field to cohort/edit.php.
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.0.7
Moodle Moodle 2.0.0
Moodle Moodle 2.0.8
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.6
Moodle Moodle 2.0.5
Moodle Moodle 2.1.5
Moodle Moodle 2.1.0
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.3
Moodle Moodle 2.2.0
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
NA
CVE-2012-5479
The Portfolio plugin in Moodle 2.1.x prior to 2.1.9, 2.2.x prior to 2.2.6, and 2.3.x prior to 2.3.3 allows remote authenticated users to upload and execute files via a modified Portfolio API callback.
Moodle Moodle 2.1.1
Moodle Moodle 2.1.2
Moodle Moodle 2.1.0
Moodle Moodle 2.1.7
Moodle Moodle 2.1.8
Moodle Moodle 2.1.3
Moodle Moodle 2.1.4
Moodle Moodle 2.1.5
Moodle Moodle 2.1.6
Moodle Moodle 2.2.0
Moodle Moodle 2.2.1
Moodle Moodle 2.2.2
Moodle Moodle 2.2.3
Moodle Moodle 2.2.4
Moodle Moodle 2.2.5
Moodle Moodle 2.3.1
Moodle Moodle 2.3.2
Moodle Moodle 2.3.0
NA
CVE-2012-5480
The Database activity module in Moodle 2.1.x prior to 2.1.9, 2.2.x prior to 2.2.6, and 2.3.x prior to 2.3.3 allows remote malicious users to bypass intended restrictions on reading other participants' entries via an advanced search.
Moodle Moodle 2.1.5
Moodle Moodle 2.1.6
Moodle Moodle 2.1.3
Moodle Moodle 2.1.4
Moodle Moodle 2.1.0
Moodle Moodle 2.1.7
Moodle Moodle 2.1.8
Moodle Moodle 2.1.1
Moodle Moodle 2.1.2
Moodle Moodle 2.2.4
Moodle Moodle 2.2.5
Moodle Moodle 2.2.1
Moodle Moodle 2.2.2
Moodle Moodle 2.2.3
Moodle Moodle 2.2.0
Moodle Moodle 2.3.0
Moodle Moodle 2.3.1
Moodle Moodle 2.3.2
NA
CVE-2012-5473
The Database activity module in Moodle 2.1.x prior to 2.1.9, 2.2.x prior to 2.2.6, and 2.3.x prior to 2.3.3 allows remote authenticated users to read activity entries of a different group's users via an advanced search.
Moodle Moodle 2.1.6
Moodle Moodle 2.1.1
Moodle Moodle 2.1.7
Moodle Moodle 2.1.3
Moodle Moodle 2.1.5
Moodle Moodle 2.1.0
Moodle Moodle 2.1.8
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.4
Moodle Moodle 2.2.0
Moodle Moodle 2.2.5
Moodle Moodle 2.2.3
Moodle Moodle 2.3.2
Moodle Moodle 2.3.0
Moodle Moodle 2.3.1
NA
CVE-2012-2359
admin/roles/override.php in Moodle 2.0.x prior to 2.0.9, 2.1.x prior to 2.1.6, and 2.2.x prior to 2.2.3 allows remote authenticated users to gain privileges by leveraging the teacher role and modifying their own capabilities, as demonstrated by obtaining the backup:userinfo capab...
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.0.6
Moodle Moodle 2.0.5
Moodle Moodle 2.0.8
Moodle Moodle 2.0.7
Moodle Moodle 2.0.0
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.5
Moodle Moodle 2.1.3
Moodle Moodle 2.1.4
Moodle Moodle 2.1.0
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.0
NA
CVE-2012-2361
Cross-site scripting (XSS) vulnerability in admin/webservice/forms.php in the web services implementation in Moodle 2.0.x prior to 2.0.9, 2.1.x prior to 2.1.6, and 2.2.x prior to 2.2.3 allows remote authenticated users to inject arbitrary web script or HTML via the name field (ak...
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.6
Moodle Moodle 2.0.0
Moodle Moodle 2.0.7
Moodle Moodle 2.0.5
Moodle Moodle 2.0.8
Moodle Moodle 2.1.1
Moodle Moodle 2.1.0
Moodle Moodle 2.1.5
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.1.3
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
malicious code
camera
CVE-2023-46694
CVE-2023-43847
CVE-2023-30311
CVE-2024-27842
CVE-2024-30165
arbitrary code
CVE-2024-21683
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »