Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.7.3 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2015-5272
The Forum module in Moodle 2.7.x prior to 2.7.10 allows remote authenticated users to post to arbitrary groups by leveraging the teacher role, as demonstrated by a post directed to "all participants."
Moodle Moodle 2.7.7
Moodle Moodle 2.7.6
Moodle Moodle 2.7.3
Moodle Moodle 2.7.2
Moodle Moodle 2.7.5
Moodle Moodle 2.7.4
Moodle Moodle 2.7.9
Moodle Moodle 2.7.8
Moodle Moodle 2.7.1
Moodle Moodle 2.7.0
7.4
CVSSv3
CVE-2015-3272
Open redirect vulnerability in the clean_param function in lib/moodlelib.php in Moodle up to and including 2.6.11, 2.7.x prior to 2.7.9, 2.8.x prior to 2.8.7, and 2.9.x prior to 2.9.1 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing atta...
Moodle Moodle 2.8.4
Moodle Moodle 2.8.3
Moodle Moodle 2.7.5
Moodle Moodle 2.7.4
Moodle Moodle 2.6.7
Moodle Moodle 2.6.6
Moodle Moodle 2.9.0
Moodle Moodle 2.8.0
Moodle Moodle 2.7.8
Moodle Moodle 2.7.1
Moodle Moodle 2.7.0
Moodle Moodle 2.6.2
Moodle Moodle 2.6.10
Moodle Moodle 2.8.6
Moodle Moodle 2.8.5
Moodle Moodle 2.7.7
Moodle Moodle 2.7.6
Moodle Moodle 2.6.9
Moodle Moodle 2.6.8
Moodle Moodle 2.6.1
Moodle Moodle 2.6.0
Moodle Moodle 2.8.2
6.1
CVSSv3
CVE-2015-3274
Cross-site scripting (XSS) vulnerability in the user_get_user_details function in user/lib.php in Moodle up to and including 2.6.11, 2.7.x prior to 2.7.9, 2.8.x prior to 2.8.7, and 2.9.x prior to 2.9.1 allows remote malicious users to inject arbitrary web script or HTML by levera...
Moodle Moodle 2.8.2
Moodle Moodle 2.8.1
Moodle Moodle 2.7.3
Moodle Moodle 2.7.2
Moodle Moodle 2.7.1
Moodle Moodle 2.6.4
Moodle Moodle 2.6.3
Moodle Moodle 2.8.6
Moodle Moodle 2.8.5
Moodle Moodle 2.7.7
Moodle Moodle 2.7.6
Moodle Moodle 2.6.8
Moodle Moodle 2.6.7
Moodle Moodle 2.6.1
Moodle Moodle 2.6.0
Moodle Moodle 2.8.4
Moodle Moodle 2.8.3
Moodle Moodle 2.7.5
Moodle Moodle 2.7.4
Moodle Moodle 2.6.6
Moodle Moodle 2.6.5
Moodle Moodle 2.9.0
6.1
CVSSv3
CVE-2015-3275
Multiple cross-site scripting (XSS) vulnerabilities in the SCORM module in Moodle up to and including 2.6.11, 2.7.x prior to 2.7.9, 2.8.x prior to 2.8.7, and 2.9.x prior to 2.9.1 allow remote malicious users to inject arbitrary web script or HTML via a crafted organization name t...
Moodle Moodle 2.9.0
Moodle Moodle 2.8.7
Moodle Moodle 2.8.0
Moodle Moodle 2.7.9
Moodle Moodle 2.7.8
Moodle Moodle 2.7.1
Moodle Moodle 2.7.0
Moodle Moodle 2.8.4
Moodle Moodle 2.8.3
Moodle Moodle 2.7.5
Moodle Moodle 2.7.4
Moodle Moodle 2.9.1
Moodle Moodle 2.8.2
Moodle Moodle 2.8.1
Moodle Moodle 2.7.3
Moodle Moodle 2.7.2
Moodle Moodle 2.8.6
Moodle Moodle 2.8.5
Moodle Moodle 2.7.7
Moodle Moodle 2.7.6
Moodle Moodle
4.3
CVSSv3
CVE-2016-0724
The (1) core_enrol_get_course_enrolment_methods and (2) enrol_self_get_instance_info web services in Moodle up to and including 2.6.11, 2.7.x prior to 2.7.12, 2.8.x prior to 2.8.10, 2.9.x prior to 2.9.4, and 3.0.x prior to 3.0.2 do not consider the moodle/course:viewhiddencourses...
Moodle Moodle 2.7.10
Moodle Moodle 2.8.9
Moodle Moodle 2.8.6
Moodle Moodle 2.8.5
Moodle Moodle 2.7.8
Moodle Moodle 2.7.7
Moodle Moodle 2.7.6
Moodle Moodle
Moodle Moodle 3.0.0
Moodle Moodle 2.7.11
Moodle Moodle 2.9.0
Moodle Moodle 2.8.7
Moodle Moodle 2.8.0
Moodle Moodle 2.7.9
Moodle Moodle 2.7.1
Moodle Moodle 2.7.0
Moodle Moodle 3.0.1
Moodle Moodle 2.9.2
Moodle Moodle 2.9.1
Moodle Moodle 2.8.2
Moodle Moodle 2.8.1
Moodle Moodle 2.7.3
NA
CVE-2015-1493
Directory traversal vulnerability in the min_get_slash_argument function in lib/configonlylib.php in Moodle up to and including 2.5.9, 2.6.x prior to 2.6.8, 2.7.x prior to 2.7.5, and 2.8.x prior to 2.8.3 allows remote authenticated users to read arbitrary files via a .. (dot dot)...
Moodle Moodle 2.7.1
Moodle Moodle 2.5.1
Moodle Moodle 2.5.3
Moodle Moodle 2.5.7
Moodle Moodle 2.7.2
Moodle Moodle 2.6.7
Moodle Moodle 2.7.4
Moodle Moodle 2.5.5
Moodle Moodle 2.6.1
Moodle Moodle 2.5.2
Moodle Moodle 2.5.8
Moodle Moodle 2.5.6
Moodle Moodle
Moodle Moodle 2.6.5
Moodle Moodle 2.7.3
Moodle Moodle 2.6.2
Moodle Moodle 2.7.0
Moodle Moodle 2.6.8
Moodle Moodle 2.8.1
Moodle Moodle 2.6.4
Moodle Moodle 2.5.4
Moodle Moodle 2.6.3
NA
CVE-2015-2267
mdeploy.php in Moodle up to and including 2.5.9, 2.6.x prior to 2.6.9, 2.7.x prior to 2.7.6, and 2.8.x prior to 2.8.4 allows remote authenticated users to bypass intended access restrictions and extract archives to arbitrary directories via a crafted dataroot value.
Moodle Moodle
Moodle Moodle 2.5.8
Moodle Moodle 2.5.7
Moodle Moodle 2.5.6
Moodle Moodle 2.6.2
Moodle Moodle 2.6.1
Moodle Moodle 2.6.0
Moodle Moodle 2.7.5
Moodle Moodle 2.5.1
Moodle Moodle 2.5.0
Moodle Moodle 2.6.8
Moodle Moodle 2.6.7
Moodle Moodle 2.8.3
Moodle Moodle 2.8.2
Moodle Moodle 2.8.1
Moodle Moodle 2.8.0
Moodle Moodle 2.5.5
Moodle Moodle 2.5.3
Moodle Moodle 2.6.5
Moodle Moodle 2.6.3
Moodle Moodle 2.7.4
Moodle Moodle 2.7.2
NA
CVE-2015-2268
filter/urltolink/filter.php in Moodle up to and including 2.5.9, 2.6.x prior to 2.6.9, 2.7.x prior to 2.7.6, and 2.8.x prior to 2.8.4 allows remote authenticated users to cause a denial of service (CPU consumption or partial outage) via a crafted string that is matched against an...
Moodle Moodle 2.5.0
Moodle Moodle 2.6.8
Moodle Moodle 2.6.7
Moodle Moodle 2.6.6
Moodle Moodle 2.8.1
Moodle Moodle 2.8.2
Moodle Moodle 2.8.3
Moodle Moodle 2.5.8
Moodle Moodle 2.5.7
Moodle Moodle 2.5.6
Moodle Moodle 2.5.5
Moodle Moodle 2.6.1
Moodle Moodle 2.6.0
Moodle Moodle 2.7.5
Moodle Moodle 2.7.4
Moodle Moodle 2.7.3
Moodle Moodle
Moodle Moodle 2.5.4
Moodle Moodle 2.5.2
Moodle Moodle 2.6.4
Moodle Moodle 2.6.2
Moodle Moodle 2.7.1
NA
CVE-2015-2269
Multiple cross-site scripting (XSS) vulnerabilities in lib/javascript-static.js in Moodle up to and including 2.5.9, 2.6.x prior to 2.6.9, 2.7.x prior to 2.7.6, and 2.8.x prior to 2.8.4 allow remote authenticated users to inject arbitrary web script or HTML via a (1) alt or (2) t...
Moodle Moodle 2.5.6
Moodle Moodle 2.5.5
Moodle Moodle 2.5.4
Moodle Moodle 2.5.3
Moodle Moodle 2.7.1
Moodle Moodle 2.7.2
Moodle Moodle 2.7.3
Moodle Moodle 2.7.4
Moodle Moodle 2.6.1
Moodle Moodle 2.6.2
Moodle Moodle 2.6.3
Moodle Moodle 2.6.4
Moodle Moodle 2.8.3
Moodle Moodle 2.5.8
Moodle Moodle 2.5.1
Moodle Moodle 2.6.0
Moodle Moodle 2.6.5
Moodle Moodle 2.6.7
Moodle Moodle 2.7.0
Moodle Moodle 2.7.5
Moodle Moodle 2.8.1
Moodle Moodle
1 EDB exploit
NA
CVE-2015-2270
lib/moodlelib.php in Moodle up to and including 2.5.9, 2.6.x prior to 2.6.9, 2.7.x prior to 2.7.6, and 2.8.x prior to 2.8.4, when the theme uses the blocks-regions feature, establishes the course state at an incorrect point in the login-validation process, which allows remote mal...
Moodle Moodle 2.5.6
Moodle Moodle 2.5.7
Moodle Moodle 2.5.8
Moodle Moodle 2.5.0
Moodle Moodle 2.5.1
Moodle Moodle 2.6.5
Moodle Moodle 2.6.6
Moodle Moodle 2.6.7
Moodle Moodle 2.6.8
Moodle Moodle
Moodle Moodle 2.7.4
Moodle Moodle 2.7.5
Moodle Moodle 2.8.0
Moodle Moodle 2.8.1
Moodle Moodle 2.5.3
Moodle Moodle 2.5.5
Moodle Moodle 2.6.0
Moodle Moodle 2.6.2
Moodle Moodle 2.6.4
Moodle Moodle 2.7.0
Moodle Moodle 2.7.2
Moodle Moodle 2.8.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »