Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 1.9.2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-4286
Multiple cross-site scripting (XSS) vulnerabilities in the media-filter implementation in filter/mediaplugin/filter.php in Moodle 1.9.x prior to 1.9.11 and 2.0.x prior to 2.0.2 allow remote malicious users to inject arbitrary web script or HTML via vectors involving (1) Flash Vid...
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 2.0.1
Moodle Moodle 1.9.2
Moodle Moodle 1.9.10
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.9.8
Moodle Moodle 1.9.7
Moodle Moodle 2.0.0
NA
CVE-2011-4301
The MoodleQuickForm class in the Forms Library in lib/formslib.php in Moodle 1.9.x prior to 1.9.14, 2.0.x prior to 2.0.5, and 2.1.x prior to 2.1.2 does not recognize Forms API setConstant operations, which allows remote malicious users to submit unexpected form content by modifyi...
Moodle Moodle 2.0.2
Moodle Moodle 1.9.4
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 2.0.1
Moodle Moodle 1.9.11
Moodle Moodle 2.0.4
Moodle Moodle 1.9.2
Moodle Moodle 1.9.12
Moodle Moodle 1.9.10
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 1.9.3
Moodle Moodle 1.9.13
Moodle Moodle 1.9.5
Moodle Moodle 1.9.8
Moodle Moodle 1.9.7
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
NA
CVE-2011-4305
message/refresh.php in Moodle 1.9.x prior to 1.9.14 allows remote authenticated users to cause a denial of service (infinite request loop) via a URL that specifies a zero wait time for message refreshing.
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 1.9.11
Moodle Moodle 1.9.2
Moodle Moodle 1.9.12
Moodle Moodle 1.9.10
Moodle Moodle 1.9.3
Moodle Moodle 1.9.13
Moodle Moodle 1.9.5
Moodle Moodle 1.9.8
Moodle Moodle 1.9.7
NA
CVE-2011-4302
mnet/xmlrpc/client.php in MNET in Moodle 1.9.x prior to 1.9.14, 2.0.x prior to 2.0.5, and 2.1.x prior to 2.1.2 does not properly process the return value of the openssl_verify function, which allows remote malicious users to bypass validation via a crafted certificate.
Moodle Moodle 2.0.2
Moodle Moodle 1.9.4
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 2.0.1
Moodle Moodle 1.9.11
Moodle Moodle 2.0.4
Moodle Moodle 1.9.2
Moodle Moodle 1.9.12
Moodle Moodle 1.9.10
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 1.9.3
Moodle Moodle 1.9.13
Moodle Moodle 1.9.5
Moodle Moodle 1.9.8
Moodle Moodle 1.9.7
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
NA
CVE-2011-4306
Cross-site scripting (XSS) vulnerability in course/editsection.html in Moodle 1.9.x prior to 1.9.14 allows remote authenticated users to inject arbitrary web script or HTML via crafted data.
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 1.9.11
Moodle Moodle 1.9.2
Moodle Moodle 1.9.12
Moodle Moodle 1.9.10
Moodle Moodle 1.9.3
Moodle Moodle 1.9.13
Moodle Moodle 1.9.5
Moodle Moodle 1.9.8
Moodle Moodle 1.9.7
NA
CVE-2011-4308
mod/forum/user.php in Moodle 1.9.x prior to 1.9.14, 2.0.x prior to 2.0.5, and 2.1.x prior to 2.1.2 allows remote authenticated users to discover the names of other users via unspecified vectors.
Moodle Moodle 2.0.2
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 2.0.1
Moodle Moodle 1.9.11
Moodle Moodle 2.0.4
Moodle Moodle 1.9.2
Moodle Moodle 1.9.12
Moodle Moodle 1.9.10
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 1.9.3
Moodle Moodle 1.9.13
Moodle Moodle 1.9.5
Moodle Moodle 1.9.8
Moodle Moodle 1.9.7
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
NA
CVE-2011-4203
CRLF injection vulnerability in calendar/set.php in the Calendar component in Moodle 1.9.x prior to 1.9.15, 2.0.x prior to 2.0.6, 2.1.x prior to 2.1.3, and 2.2 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors i...
Moodle Moodle 2.0.2
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 2.0.1
Moodle Moodle 1.9.11
Moodle Moodle 2.1.2
Moodle Moodle 2.0.4
Moodle Moodle 1.9.2
Moodle Moodle 1.9.12
Moodle Moodle 1.9.10
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 1.9.3
Moodle Moodle 2.0.5
Moodle Moodle 1.9.13
Moodle Moodle 1.9.5
Moodle Moodle 1.9.14
Moodle Moodle 1.9.8
Moodle Moodle 1.9.7
Moodle Moodle 2.0.0
NA
CVE-2010-2228
Cross-site scripting (XSS) vulnerability in the MNET access-control interface in Moodle prior to 1.8.13 and 1.9.x prior to 1.9.9 allows remote malicious users to inject arbitrary web script or HTML via vectors involving extended characters in a username.
Moodle Moodle 1.5.2
Moodle Moodle 1.8.8
Moodle Moodle 1.6.1
Moodle Moodle 1.8.2
Moodle Moodle 1.2.1
Moodle Moodle 1.4.2
Moodle Moodle 1.6.8
Moodle Moodle 1.6.5
Moodle Moodle 1.3.3
Moodle Moodle 1.4.3
Moodle Moodle
Moodle Moodle 1.4.5
Moodle Moodle 1.7.6
Moodle Moodle 1.6.2
Moodle Moodle 1.8.6
Moodle Moodle 1.7.1
Moodle Moodle 1.8.5
Moodle Moodle 1.8.3
Moodle Moodle 1.3.2
Moodle Moodle 1.8.9
Moodle Moodle 1.8.7
Moodle Moodle 1.8.10
NA
CVE-2010-2229
Multiple cross-site scripting (XSS) vulnerabilities in blog/index.php in Moodle prior to 1.8.13 and 1.9.x prior to 1.9.9 allow remote malicious users to inject arbitrary web script or HTML via unspecified parameters.
Moodle Moodle 1.5.2
Moodle Moodle 1.8.8
Moodle Moodle 1.6.1
Moodle Moodle 1.8.2
Moodle Moodle 1.2.1
Moodle Moodle 1.4.2
Moodle Moodle 1.6.8
Moodle Moodle 1.6.5
Moodle Moodle 1.3.3
Moodle Moodle 1.4.3
Moodle Moodle
Moodle Moodle 1.4.5
Moodle Moodle 1.7.6
Moodle Moodle 1.6.2
Moodle Moodle 1.8.6
Moodle Moodle 1.7.1
Moodle Moodle 1.8.5
Moodle Moodle 1.8.3
Moodle Moodle 1.3.2
Moodle Moodle 1.8.9
Moodle Moodle 1.8.7
Moodle Moodle 1.8.10
NA
CVE-2010-2230
The KSES text cleaning filter in lib/weblib.php in Moodle prior to 1.8.13 and 1.9.x prior to 1.9.9 does not properly handle vbscript URIs, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks via HTML input.
Moodle Moodle 1.5.2
Moodle Moodle 1.8.8
Moodle Moodle 1.6.1
Moodle Moodle 1.8.2
Moodle Moodle 1.2.1
Moodle Moodle 1.4.2
Moodle Moodle 1.6.8
Moodle Moodle 1.6.5
Moodle Moodle 1.3.3
Moodle Moodle 1.4.3
Moodle Moodle
Moodle Moodle 1.4.5
Moodle Moodle 1.7.6
Moodle Moodle 1.6.2
Moodle Moodle 1.8.6
Moodle Moodle 1.7.1
Moodle Moodle 1.8.5
Moodle Moodle 1.8.3
Moodle Moodle 1.3.2
Moodle Moodle 1.8.9
Moodle Moodle 1.8.7
Moodle Moodle 1.8.10
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »