Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.0.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-4278
Cross-site scripting (XSS) vulnerability in the tag autocomplete functionality in Moodle 1.9.x prior to 1.9.11 and 2.0.x prior to 2.0.2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 2.0.1
Moodle Moodle 1.9.2
Moodle Moodle 1.9.10
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.9.8
Moodle Moodle 1.9.7
Moodle Moodle 2.0.0
NA
CVE-2011-4283
Moodle 1.9.x prior to 1.9.11 and 2.0.x prior to 2.0.2 places an IMS enterprise enrolment file in the course-files area, which allows remote malicious users to obtain sensitive information via a request for imsenterprise-enrol.xml.
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 2.0.1
Moodle Moodle 1.9.2
Moodle Moodle 1.9.10
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.9.8
Moodle Moodle 1.9.7
Moodle Moodle 2.0.0
NA
CVE-2011-4286
Multiple cross-site scripting (XSS) vulnerabilities in the media-filter implementation in filter/mediaplugin/filter.php in Moodle 1.9.x prior to 1.9.11 and 2.0.x prior to 2.0.2 allow remote malicious users to inject arbitrary web script or HTML via vectors involving (1) Flash Vid...
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 2.0.1
Moodle Moodle 1.9.2
Moodle Moodle 1.9.10
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.9.8
Moodle Moodle 1.9.7
Moodle Moodle 2.0.0
NA
CVE-2011-4288
Moodle 1.9.x prior to 1.9.12 and 2.0.x prior to 2.0.3 does not properly implement associations between teachers and groups, which allows remote authenticated users to read quiz reports of arbitrary students by leveraging the teacher role.
Moodle Moodle 2.0.2
Moodle Moodle 1.9.4
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 2.0.1
Moodle Moodle 1.9.11
Moodle Moodle 1.9.2
Moodle Moodle 1.9.10
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.9.8
Moodle Moodle 1.9.7
Moodle Moodle 2.0.0
NA
CVE-2011-4294
The error-message functionality in Moodle 1.9.x prior to 1.9.13, 2.0.x prior to 2.0.4, and 2.1.x prior to 2.1.1 does not ensure that a continuation link refers to an http or https URL for the local Moodle instance, which might allow malicious users to trick users into visiting ar...
Moodle Moodle 2.0.2
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 2.0.1
Moodle Moodle 1.9.11
Moodle Moodle 1.9.2
Moodle Moodle 1.9.12
Moodle Moodle 1.9.10
Moodle Moodle 2.0.3
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.9.8
Moodle Moodle 1.9.7
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
NA
CVE-2012-2361
Cross-site scripting (XSS) vulnerability in admin/webservice/forms.php in the web services implementation in Moodle 2.0.x prior to 2.0.9, 2.1.x prior to 2.1.6, and 2.2.x prior to 2.2.3 allows remote authenticated users to inject arbitrary web script or HTML via the name field (ak...
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.6
Moodle Moodle 2.0.0
Moodle Moodle 2.0.7
Moodle Moodle 2.0.5
Moodle Moodle 2.0.8
Moodle Moodle 2.1.1
Moodle Moodle 2.1.0
Moodle Moodle 2.1.5
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.1.3
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.0
NA
CVE-2012-2364
Cross-site scripting (XSS) vulnerability in lib/filelib.php in Moodle 2.0.x prior to 2.0.9, 2.1.x prior to 2.1.6, and 2.2.x prior to 2.2.3 allows remote authenticated users to inject arbitrary web script or HTML via an assignment submission with zip compression, leading to text/h...
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.0.6
Moodle Moodle 2.0.5
Moodle Moodle 2.0.8
Moodle Moodle 2.0.7
Moodle Moodle 2.0.0
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.5
Moodle Moodle 2.1.3
Moodle Moodle 2.1.4
Moodle Moodle 2.1.0
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.0
NA
CVE-2012-2365
Cross-site scripting (XSS) vulnerability in Moodle 2.0.x prior to 2.0.9, 2.1.x prior to 2.1.6, and 2.2.x prior to 2.2.3 allows remote authenticated users to inject arbitrary web script or HTML via the idnumber field to cohort/edit.php.
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.0.7
Moodle Moodle 2.0.0
Moodle Moodle 2.0.8
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.6
Moodle Moodle 2.0.5
Moodle Moodle 2.1.5
Moodle Moodle 2.1.0
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.3
Moodle Moodle 2.2.0
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
NA
CVE-2012-2359
admin/roles/override.php in Moodle 2.0.x prior to 2.0.9, 2.1.x prior to 2.1.6, and 2.2.x prior to 2.2.3 allows remote authenticated users to gain privileges by leveraging the teacher role and modifying their own capabilities, as demonstrated by obtaining the backup:userinfo capab...
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.0.6
Moodle Moodle 2.0.5
Moodle Moodle 2.0.8
Moodle Moodle 2.0.7
Moodle Moodle 2.0.0
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.5
Moodle Moodle 2.1.3
Moodle Moodle 2.1.4
Moodle Moodle 2.1.0
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.0
NA
CVE-2012-2358
Moodle 2.0.x prior to 2.0.9, 2.1.x prior to 2.1.6, and 2.2.x prior to 2.2.3 allows remote authenticated users to bypass an activity's read-only state and modify the database by leveraging the student role and editing database activity entries that already exist.
Moodle Moodle 2.0.3
Moodle Moodle 2.0.1
Moodle Moodle 2.0.5
Moodle Moodle 2.0.0
Moodle Moodle 2.0.8
Moodle Moodle 2.0.7
Moodle Moodle 2.0.4
Moodle Moodle 2.0.2
Moodle Moodle 2.0.6
Moodle Moodle 2.1.1
Moodle Moodle 2.1.3
Moodle Moodle 2.1.0
Moodle Moodle 2.1.5
Moodle Moodle 2.1.2
Moodle Moodle 2.1.4
Moodle Moodle 2.2.2
Moodle Moodle 2.2.0
Moodle Moodle 2.2.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »