Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.9.0 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2015-3273
mod/forum/post.php in Moodle 2.9.x prior to 2.9.1 does not consider the mod/forum:canposttomygroups capability before authorizing "Post a copy to all groups" actions, which allows remote authenticated users to bypass intended access restrictions by leveraging per-group ...
Moodle Moodle 2.9.0
6.1
CVSSv3
CVE-2015-3274
Cross-site scripting (XSS) vulnerability in the user_get_user_details function in user/lib.php in Moodle up to and including 2.6.11, 2.7.x prior to 2.7.9, 2.8.x prior to 2.8.7, and 2.9.x prior to 2.9.1 allows remote malicious users to inject arbitrary web script or HTML by levera...
Moodle Moodle 2.8.2
Moodle Moodle 2.8.1
Moodle Moodle 2.7.3
Moodle Moodle 2.7.2
Moodle Moodle 2.7.1
Moodle Moodle 2.6.4
Moodle Moodle 2.6.3
Moodle Moodle 2.8.6
Moodle Moodle 2.8.5
Moodle Moodle 2.7.7
Moodle Moodle 2.7.6
Moodle Moodle 2.6.8
Moodle Moodle 2.6.7
Moodle Moodle 2.6.1
Moodle Moodle 2.6.0
Moodle Moodle 2.8.4
Moodle Moodle 2.8.3
Moodle Moodle 2.7.5
Moodle Moodle 2.7.4
Moodle Moodle 2.6.6
Moodle Moodle 2.6.5
Moodle Moodle 2.9.0
6.1
CVSSv3
CVE-2015-3275
Multiple cross-site scripting (XSS) vulnerabilities in the SCORM module in Moodle up to and including 2.6.11, 2.7.x prior to 2.7.9, 2.8.x prior to 2.8.7, and 2.9.x prior to 2.9.1 allow remote malicious users to inject arbitrary web script or HTML via a crafted organization name t...
Moodle Moodle 2.9.0
Moodle Moodle 2.8.7
Moodle Moodle 2.8.0
Moodle Moodle 2.7.9
Moodle Moodle 2.7.8
Moodle Moodle 2.7.1
Moodle Moodle 2.7.0
Moodle Moodle 2.8.4
Moodle Moodle 2.8.3
Moodle Moodle 2.7.5
Moodle Moodle 2.7.4
Moodle Moodle 2.9.1
Moodle Moodle 2.8.2
Moodle Moodle 2.8.1
Moodle Moodle 2.7.3
Moodle Moodle 2.7.2
Moodle Moodle 2.8.6
Moodle Moodle 2.8.5
Moodle Moodle 2.7.7
Moodle Moodle 2.7.6
Moodle Moodle
4.3
CVSSv3
CVE-2016-0724
The (1) core_enrol_get_course_enrolment_methods and (2) enrol_self_get_instance_info web services in Moodle up to and including 2.6.11, 2.7.x prior to 2.7.12, 2.8.x prior to 2.8.10, 2.9.x prior to 2.9.4, and 3.0.x prior to 3.0.2 do not consider the moodle/course:viewhiddencourses...
Moodle Moodle 2.7.10
Moodle Moodle 2.8.9
Moodle Moodle 2.8.6
Moodle Moodle 2.8.5
Moodle Moodle 2.7.8
Moodle Moodle 2.7.7
Moodle Moodle 2.7.6
Moodle Moodle
Moodle Moodle 3.0.0
Moodle Moodle 2.7.11
Moodle Moodle 2.9.0
Moodle Moodle 2.8.7
Moodle Moodle 2.8.0
Moodle Moodle 2.7.9
Moodle Moodle 2.7.1
Moodle Moodle 2.7.0
Moodle Moodle 3.0.1
Moodle Moodle 2.9.2
Moodle Moodle 2.9.1
Moodle Moodle 2.8.2
Moodle Moodle 2.8.1
Moodle Moodle 2.7.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5