Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.1.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-3393
Cross-site scripting (XSS) vulnerability in repository/lib.php in Moodle 2.1.x prior to 2.1.7 and 2.2.x prior to 2.2.4 allows remote authenticated administrators to inject arbitrary web script or HTML by renaming a repository.
Moodle Moodle 2.1.4
Moodle Moodle 2.1.6
Moodle Moodle 2.1.1
Moodle Moodle 2.1.3
Moodle Moodle 2.1.0
Moodle Moodle 2.1.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.0
Moodle Moodle 2.1.5
Moodle Moodle 2.2.3
Moodle Moodle 2.2.2
NA
CVE-2012-0800
The form-autocompletion functionality in Moodle 2.0.x prior to 2.0.7, 2.1.x prior to 2.1.4, and 2.2.x prior to 2.2.1 makes it easier for physically proximate malicious users to discover passwords by reading the contents of a non-password field, as demonstrated by accessing a crea...
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.1.2
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 2.0.6
Moodle Moodle 2.0.5
Moodle Moodle 2.1.3
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
Moodle Moodle 2.2.0
NA
CVE-2012-3394
auth/ldap/ntlmsso_attempt.php in Moodle 2.0.x prior to 2.0.10, 2.1.x prior to 2.1.7, 2.2.x prior to 2.2.4, and 2.3.x prior to 2.3.1 redirects users from an https LDAP login URL to an http URL, which allows remote malicious users to obtain sensitive information by sniffing the net...
Moodle Moodle 2.2.2
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.5
Moodle Moodle 2.1.6
Moodle Moodle 2.1.3
Moodle Moodle 2.2.1
Moodle Moodle 2.2.3
Moodle Moodle 2.1.4
Moodle Moodle 2.1.0
Moodle Moodle 2.2.0
Moodle Moodle 2.3.0
NA
CVE-2012-4402
webservice/lib.php in Moodle 2.1.x prior to 2.1.8, 2.2.x prior to 2.2.5, and 2.3.x prior to 2.3.2 does not properly restrict the use of web-service tokens, which allows remote authenticated users to run arbitrary external-service functions via a token intended for only one servic...
Moodle Moodle 2.1.3
Moodle Moodle 2.1.7
Moodle Moodle 2.1.1
Moodle Moodle 2.1.0
Moodle Moodle 2.1.5
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.1.6
Moodle Moodle 2.2.4
Moodle Moodle 2.2.0
Moodle Moodle 2.2.3
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.3.1
Moodle Moodle 2.3.0
NA
CVE-2012-4407
lib/filelib.php in Moodle 2.1.x prior to 2.1.8, 2.2.x prior to 2.2.5, and 2.3.x prior to 2.3.2 does not properly check the publication state of blog files, which allows remote malicious users to obtain sensitive information by reading a blog entry that references a non-public fil...
Moodle Moodle 2.1.4
Moodle Moodle 2.1.0
Moodle Moodle 2.1.2
Moodle Moodle 2.1.6
Moodle Moodle 2.1.1
Moodle Moodle 2.1.3
Moodle Moodle 2.1.5
Moodle Moodle 2.1.7
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.4
Moodle Moodle 2.2.0
Moodle Moodle 2.2.3
Moodle Moodle 2.3.1
Moodle Moodle 2.3.0
NA
CVE-2012-4408
course/reset.php in Moodle 2.1.x prior to 2.1.8, 2.2.x prior to 2.2.5, and 2.3.x prior to 2.3.2 checks an update capability instead of a reset capability, which allows remote authenticated users to bypass intended access restrictions via a reset operation.
Moodle Moodle 2.1.5
Moodle Moodle 2.1.7
Moodle Moodle 2.1.0
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.1.6
Moodle Moodle 2.1.1
Moodle Moodle 2.1.3
Moodle Moodle 2.2.3
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.4
Moodle Moodle 2.2.0
Moodle Moodle 2.3.0
Moodle Moodle 2.3.1
NA
CVE-2011-4294
The error-message functionality in Moodle 1.9.x prior to 1.9.13, 2.0.x prior to 2.0.4, and 2.1.x prior to 2.1.1 does not ensure that a continuation link refers to an http or https URL for the local Moodle instance, which might allow malicious users to trick users into visiting ar...
Moodle Moodle 2.0.2
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 2.0.1
Moodle Moodle 1.9.11
Moodle Moodle 1.9.2
Moodle Moodle 1.9.12
Moodle Moodle 1.9.10
Moodle Moodle 2.0.3
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.9.8
Moodle Moodle 1.9.7
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
NA
CVE-2012-5471
The Dropbox Repository File Picker in Moodle 2.1.x prior to 2.1.9, 2.2.x prior to 2.2.6, and 2.3.x prior to 2.3.3 allows remote authenticated users to access the Dropbox of a different user by leveraging an unattended workstation after a logout.
Moodle Moodle 2.1.0
Moodle Moodle 2.1.8
Moodle Moodle 2.1.5
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.1.6
Moodle Moodle 2.1.1
Moodle Moodle 2.1.7
Moodle Moodle 2.1.3
Moodle Moodle 2.2.5
Moodle Moodle 2.2.3
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.4
Moodle Moodle 2.2.0
Moodle Moodle 2.3.0
Moodle Moodle 2.3.1
Moodle Moodle 2.3.2
NA
CVE-2012-5473
The Database activity module in Moodle 2.1.x prior to 2.1.9, 2.2.x prior to 2.2.6, and 2.3.x prior to 2.3.3 allows remote authenticated users to read activity entries of a different group's users via an advanced search.
Moodle Moodle 2.1.6
Moodle Moodle 2.1.1
Moodle Moodle 2.1.7
Moodle Moodle 2.1.3
Moodle Moodle 2.1.5
Moodle Moodle 2.1.0
Moodle Moodle 2.1.8
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.4
Moodle Moodle 2.2.0
Moodle Moodle 2.2.5
Moodle Moodle 2.2.3
Moodle Moodle 2.3.2
Moodle Moodle 2.3.0
Moodle Moodle 2.3.1
NA
CVE-2012-5479
The Portfolio plugin in Moodle 2.1.x prior to 2.1.9, 2.2.x prior to 2.2.6, and 2.3.x prior to 2.3.3 allows remote authenticated users to upload and execute files via a modified Portfolio API callback.
Moodle Moodle 2.1.1
Moodle Moodle 2.1.2
Moodle Moodle 2.1.0
Moodle Moodle 2.1.7
Moodle Moodle 2.1.8
Moodle Moodle 2.1.3
Moodle Moodle 2.1.4
Moodle Moodle 2.1.5
Moodle Moodle 2.1.6
Moodle Moodle 2.2.0
Moodle Moodle 2.2.1
Moodle Moodle 2.2.2
Moodle Moodle 2.2.3
Moodle Moodle 2.2.4
Moodle Moodle 2.2.5
Moodle Moodle 2.3.1
Moodle Moodle 2.3.2
Moodle Moodle 2.3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »