Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.0.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-0800
The form-autocompletion functionality in Moodle 2.0.x prior to 2.0.7, 2.1.x prior to 2.1.4, and 2.2.x prior to 2.2.1 makes it easier for physically proximate malicious users to discover passwords by reading the contents of a non-password field, as demonstrated by accessing a crea...
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.1.2
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 2.0.6
Moodle Moodle 2.0.5
Moodle Moodle 2.1.3
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
Moodle Moodle 2.2.0
NA
CVE-2012-0794
The rc4encrypt function in lib/moodlelib.php in Moodle 1.9.x prior to 1.9.16, 2.0.x prior to 2.0.7, 2.1.x prior to 2.1.4, and 2.2.x prior to 2.2.1 uses a hardcoded password of nfgjeingjk, which makes it easier for remote malicious users to defeat cryptographic protection mechanis...
Moodle Moodle 2.0.2
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 2.0.1
Moodle Moodle 1.9.11
Moodle Moodle 2.1.2
Moodle Moodle 2.0.4
Moodle Moodle 1.9.2
Moodle Moodle 1.9.12
Moodle Moodle 1.9.10
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 1.9.3
Moodle Moodle 2.0.6
Moodle Moodle 2.0.5
Moodle Moodle 2.1.3
Moodle Moodle 1.9.13
Moodle Moodle 1.9.5
Moodle Moodle 1.9.14
Moodle Moodle 1.9.15
NA
CVE-2012-0796
class.phpmailer.php in the PHPMailer library, as used in Moodle 1.9.x prior to 1.9.16, 2.0.x prior to 2.0.7, 2.1.x prior to 2.1.4, and 2.2.x prior to 2.2.1 and other products, allows remote authenticated users to inject arbitrary e-mail headers via vectors involving a crafted (1)...
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 1.9.11
Moodle Moodle 1.9.2
Moodle Moodle 1.9.12
Moodle Moodle 1.9.10
Moodle Moodle 1.9.3
Moodle Moodle 1.9.13
Moodle Moodle 1.9.5
Moodle Moodle 1.9.14
Moodle Moodle 1.9.15
Moodle Moodle 1.9.8
Moodle Moodle 1.9.7
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.0.6
Moodle Moodle 2.0.5
Moodle Moodle 2.0.0
NA
CVE-2012-0793
Moodle 1.9.x prior to 1.9.16, 2.0.x prior to 2.0.7, 2.1.x prior to 2.1.4, and 2.2.x prior to 2.2.1 allows remote malicious users to view the profile images of arbitrary user accounts via unspecified vectors.
Moodle Moodle 2.0.2
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 2.0.1
Moodle Moodle 1.9.11
Moodle Moodle 2.1.2
Moodle Moodle 2.0.4
Moodle Moodle 1.9.2
Moodle Moodle 1.9.12
Moodle Moodle 1.9.10
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 1.9.3
Moodle Moodle 2.0.6
Moodle Moodle 2.0.5
Moodle Moodle 2.1.3
Moodle Moodle 1.9.13
Moodle Moodle 1.9.5
Moodle Moodle 1.9.14
Moodle Moodle 1.9.15
NA
CVE-2012-0795
Moodle 1.9.x prior to 1.9.16, 2.0.x prior to 2.0.7, 2.1.x prior to 2.1.4, and 2.2.x prior to 2.2.1 does not validate e-mail address settings, which allows remote authenticated users to have an unspecified impact via a crafted address.
Moodle Moodle 1.9.4
Moodle Moodle 1.9.2
Moodle Moodle 1.9.1
Moodle Moodle 1.9.5
Moodle Moodle 1.9.12
Moodle Moodle 2.0.5
Moodle Moodle 2.0.0
Moodle Moodle 1.9.7
Moodle Moodle 1.9.8
Moodle Moodle 1.9.10
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 2.1.3
Moodle Moodle 1.9.3
Moodle Moodle 1.9.13
Moodle Moodle 1.9.14
Moodle Moodle 2.0.1
Moodle Moodle 2.1.2
Moodle Moodle 1.9.15
Moodle Moodle 1.9.11
Moodle Moodle 1.9.9
NA
CVE-2012-0799
Moodle 2.0.x prior to 2.0.7 and 2.1.x prior to 2.1.4, when an anonymous front-page forum is enabled, allows remote malicious users to obtain session keys for their sessions by visiting the front page.
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.5
Moodle Moodle 2.0.6
Moodle Moodle 2.0.0
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.3
Moodle Moodle 2.1.0
NA
CVE-2011-4281
Multiple cross-site request forgery (CSRF) vulnerabilities in Moodle 2.0.x prior to 2.0.2 allow remote malicious users to hijack the authentication of arbitrary users for requests that mark the completion of (1) an activity or (2) a course.
Moodle Moodle 2.0.1
Moodle Moodle 2.0.0
NA
CVE-2011-4282
Multiple cross-site scripting (XSS) vulnerabilities in the course-tags functionality in tag/coursetags_more.php in Moodle 2.0.x prior to 2.0.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) sort or (2) show parameter.
Moodle Moodle 2.0.1
Moodle Moodle 2.0.0
NA
CVE-2011-4284
Moodle 2.0.x prior to 2.0.2 allows remote malicious users to obtain sensitive information from a myprofile (aka My profile) block by visiting a user-context page.
Moodle Moodle 2.0.1
Moodle Moodle 2.0.0
NA
CVE-2011-4287
admin/uploaduser_form.php in Moodle 2.0.x prior to 2.0.3 does not force password changes for autosubscribed users, which makes it easier for remote malicious users to obtain access by leveraging knowledge of the initial password of a new user.
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »