Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.3.2 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2012-4403
theme/yui_combo.php in Moodle 2.3.x prior to 2.3.2 does not properly construct error responses for the drag-and-drop script, which allows remote malicious users to obtain the installation path by sending a request for a nonexistent resource and then reading the response.
Moodle Moodle 2.3.1
Moodle Moodle 2.3.0
5
CVSSv2
CVE-2012-4407
lib/filelib.php in Moodle 2.1.x prior to 2.1.8, 2.2.x prior to 2.2.5, and 2.3.x prior to 2.3.2 does not properly check the publication state of blog files, which allows remote malicious users to obtain sensitive information by reading a blog entry that references a non-public fil...
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.5
Moodle Moodle 2.1.6
Moodle Moodle 2.1.3
Moodle Moodle 2.1.7
Moodle Moodle 2.1.4
Moodle Moodle 2.1.0
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.3
Moodle Moodle 2.2.4
Moodle Moodle 2.2.0
Moodle Moodle 2.3.1
Moodle Moodle 2.3.0
4.9
CVSSv2
CVE-2014-3553
mod/forum/classes/post_form.php in Moodle up to and including 2.3.11, 2.4.x prior to 2.4.11, 2.5.x prior to 2.5.7, 2.6.x prior to 2.6.4, and 2.7.x prior to 2.7.1 does not enforce the moodle/site:accessallgroups capability requirement before proceeding with a post to all groups, w...
Moodle Moodle 2.5.1
Moodle Moodle 2.5.3
Moodle Moodle 2.5.5
Moodle Moodle 2.5.2
Moodle Moodle 2.5.6
Moodle Moodle 2.5.4
Moodle Moodle 2.5.0
Moodle Moodle 2.7.0
Moodle Moodle 2.3.8
Moodle Moodle 2.3.4
Moodle Moodle 2.3.1
Moodle Moodle 2.3.6
Moodle Moodle 2.3.10
Moodle Moodle 2.3.5
Moodle Moodle 2.3.3
Moodle Moodle
Moodle Moodle 2.3.7
Moodle Moodle 2.3.2
Moodle Moodle 2.3.9
Moodle Moodle 2.3.0
Moodle Moodle 2.4.3
Moodle Moodle 2.4.1
4.9
CVSSv2
CVE-2014-0122
mod/chat/chat_ajax.php in Moodle up to and including 2.3.11, 2.4.x prior to 2.4.9, 2.5.x prior to 2.5.5, and 2.6.x prior to 2.6.2 does not properly check for the mod/chat:chat capability during chat sessions, which allows remote authenticated users to bypass intended access restr...
Moodle Moodle 2.3.8
Moodle Moodle 2.0.2
Moodle Moodle 2.5.1
Moodle Moodle 2.5.3
Moodle Moodle 2.3.4
Moodle Moodle 2.2.2
Moodle Moodle 2.3.1
Moodle Moodle 2.6.1
Moodle Moodle 2.4.3
Moodle Moodle 2.4.1
Moodle Moodle 2.0.1
Moodle Moodle 2.5.2
Moodle Moodle 2.2.9
Moodle Moodle 2.1.2
Moodle Moodle 2.4.2
Moodle Moodle 2.0.4
Moodle Moodle 2.2.6
Moodle Moodle 2.3.6
Moodle Moodle 2.4.6
Moodle Moodle 2.1.10
Moodle Moodle 2.1.8
Moodle Moodle 2.3.10
4.9
CVSSv2
CVE-2014-0123
The wiki subsystem in Moodle up to and including 2.3.11, 2.4.x prior to 2.4.9, 2.5.x prior to 2.5.5, and 2.6.x prior to 2.6.2 does not properly restrict (1) view and (2) edit access, which allows remote authenticated users to perform wiki operations by leveraging the student role...
Moodle Moodle 2.3.8
Moodle Moodle 2.0.2
Moodle Moodle 2.5.1
Moodle Moodle 2.5.3
Moodle Moodle 2.3.4
Moodle Moodle 2.2.2
Moodle Moodle 2.3.1
Moodle Moodle 2.6.1
Moodle Moodle 2.4.3
Moodle Moodle 2.4.1
Moodle Moodle 2.0.1
Moodle Moodle 2.5.2
Moodle Moodle 2.2.9
Moodle Moodle 2.1.2
Moodle Moodle 2.4.2
Moodle Moodle 2.0.4
Moodle Moodle 2.2.6
Moodle Moodle 2.3.6
Moodle Moodle 2.4.6
Moodle Moodle 2.1.10
Moodle Moodle 2.1.8
Moodle Moodle 2.3.10
4.9
CVSSv2
CVE-2014-0127
The time-validation implementation in (1) mod/feedback/complete.php and (2) mod/feedback/complete_guest.php in Moodle up to and including 2.3.11, 2.4.x prior to 2.4.9, 2.5.x prior to 2.5.5, and 2.6.x prior to 2.6.2 allows remote authenticated users to bypass intended restrictions...
Moodle Moodle 2.3.8
Moodle Moodle 2.0.2
Moodle Moodle 2.5.1
Moodle Moodle 2.5.3
Moodle Moodle 2.3.4
Moodle Moodle 2.2.2
Moodle Moodle 2.3.1
Moodle Moodle 2.6.1
Moodle Moodle 2.4.3
Moodle Moodle 2.4.1
Moodle Moodle 2.0.1
Moodle Moodle 2.5.2
Moodle Moodle 2.2.9
Moodle Moodle 2.1.2
Moodle Moodle 2.4.2
Moodle Moodle 2.0.4
Moodle Moodle 2.2.6
Moodle Moodle 2.3.6
Moodle Moodle 2.4.6
Moodle Moodle 2.1.10
Moodle Moodle 2.1.8
Moodle Moodle 2.3.10
4.9
CVSSv2
CVE-2012-4402
webservice/lib.php in Moodle 2.1.x prior to 2.1.8, 2.2.x prior to 2.2.5, and 2.3.x prior to 2.3.2 does not properly restrict the use of web-service tokens, which allows remote authenticated users to run arbitrary external-service functions via a token intended for only one servic...
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.5
Moodle Moodle 2.1.6
Moodle Moodle 2.1.3
Moodle Moodle 2.1.7
Moodle Moodle 2.1.4
Moodle Moodle 2.1.0
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.3
Moodle Moodle 2.2.4
Moodle Moodle 2.2.0
Moodle Moodle 2.3.1
Moodle Moodle 2.3.0
4.6
CVSSv2
CVE-2013-3630
Moodle up to and including 2.5.2 allows remote authenticated administrators to execute arbitrary programs by configuring the aspell pathname and then triggering a spell-check operation within the TinyMCE editor.
Moodle Moodle 2.3.8
Moodle Moodle 1.8.13
Moodle Moodle 2.0.2
Moodle Moodle 2.5.1
Moodle Moodle 1.9.4
Moodle Moodle 1.5.2
Moodle Moodle 2.3.4
Moodle Moodle
Moodle Moodle 1.9.17
Moodle Moodle 2.2.2
Moodle Moodle 1.9.1
Moodle Moodle 1.8.8
Moodle Moodle 1.6.1
Moodle Moodle 2.3.1
Moodle Moodle 1.9.6
Moodle Moodle 1.8.2
Moodle Moodle 1.9.9
Moodle Moodle 1.2.1
Moodle Moodle 2.4.3
Moodle Moodle 1.4.2
Moodle Moodle 2.4.1
Moodle Moodle 1.6.8
1 EDB exploit
1 Metasploit module
4.3
CVSSv2
CVE-2014-3542
mod/lti/service.php in Moodle up to and including 2.3.11, 2.4.x prior to 2.4.11, 2.5.x prior to 2.5.7, 2.6.x prior to 2.6.4, and 2.7.x prior to 2.7.1 allows remote malicious users to read arbitrary files via an XML external entity declaration in conjunction with an entity referen...
Moodle Moodle 2.7.0
Moodle Moodle 2.6.1
Moodle Moodle 2.6.2
Moodle Moodle 2.6.3
Moodle Moodle 2.6.0
Moodle Moodle 2.3.8
Moodle Moodle 2.3.4
Moodle Moodle 2.3.1
Moodle Moodle 2.3.6
Moodle Moodle 2.3.10
Moodle Moodle 2.3.5
Moodle Moodle 2.3.3
Moodle Moodle
Moodle Moodle 2.3.7
Moodle Moodle 2.3.2
Moodle Moodle 2.3.9
Moodle Moodle 2.3.0
Moodle Moodle 2.4.3
Moodle Moodle 2.4.1
Moodle Moodle 2.4.9
Moodle Moodle 2.4.2
Moodle Moodle 2.4.6
4.3
CVSSv2
CVE-2014-3548
Multiple cross-site scripting (XSS) vulnerabilities in Moodle up to and including 2.3.11, 2.4.x prior to 2.4.11, 2.5.x prior to 2.5.7, 2.6.x prior to 2.6.4, and 2.7.x prior to 2.7.1 allow remote malicious users to inject arbitrary web script or HTML via vectors that trigger an AJ...
Moodle Moodle 2.3.8
Moodle Moodle 2.5.1
Moodle Moodle 2.5.3
Moodle Moodle 2.3.4
Moodle Moodle 2.3.1
Moodle Moodle 2.5.5
Moodle Moodle 2.6.1
Moodle Moodle 2.4.3
Moodle Moodle 2.4.1
Moodle Moodle 2.5.2
Moodle Moodle 2.4.9
Moodle Moodle 2.4.2
Moodle Moodle 2.3.6
Moodle Moodle 2.4.6
Moodle Moodle 2.5.6
Moodle Moodle 2.3.10
Moodle Moodle 2.3.5
Moodle Moodle 2.4.4
Moodle Moodle 2.6.2
Moodle Moodle 2.7.0
Moodle Moodle 2.3.3
Moodle Moodle
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »