Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.2.5 vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2012-4400
repository/repository_ajax.php in Moodle 2.2.x prior to 2.2.5 and 2.3.x prior to 2.3.2 allows remote authenticated users to bypass intended upload-size restrictions via a -1 value in the maxbytes field.
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.3
Moodle Moodle 2.2.4
Moodle Moodle 2.2.0
Moodle Moodle 2.3.1
Moodle Moodle 2.3.0
4.3
CVSSv2
CVE-2013-4939
Cross-site scripting (XSS) vulnerability in io.swf in the IO Utility component in Yahoo! YUI 3.0.0 up to and including 3.9.1, as used in Moodle up to and including 2.1.10, 2.2.x prior to 2.2.11, 2.3.x prior to 2.3.8, 2.4.x prior to 2.4.5, 2.5.x prior to 2.5.1, and other products,...
Yahoo Yui 3.8.0
Moodle Moodle 2.3.4
Yahoo Yui 3.5.0
Moodle Moodle 2.2.2
Yahoo Yui 3.8.1
Yahoo Yui 3.6.0
Yahoo Yui 3.1.0
Moodle Moodle 2.3.1
Moodle Moodle 2.4.3
Moodle Moodle 2.4.1
Yahoo Yui 3.7.0
Moodle Moodle 2.2.9
Moodle Moodle 2.1.2
Moodle Moodle 2.4.2
Moodle Moodle 2.2.6
Yahoo Yui 3.10.0
Yahoo Yui 3.2.0
Yahoo Yui 3.7.2
Moodle Moodle 2.3.6
Yahoo Yui 3.9.0
Moodle Moodle 2.1.10
Moodle Moodle 2.1.8
4.3
CVSSv2
CVE-2013-4941
Cross-site scripting (XSS) vulnerability in uploader.swf in the Uploader component in Yahoo! YUI 3.2.0 up to and including 3.9.1, as used in Moodle up to and including 2.1.10, 2.2.x prior to 2.2.11, 2.3.x prior to 2.3.8, 2.4.x prior to 2.4.5, 2.5.x prior to 2.5.1, and other produ...
Yahoo Yui 3.8.0
Moodle Moodle 2.3.4
Yahoo Yui 3.5.0
Moodle Moodle 2.2.2
Yahoo Yui 3.8.1
Yahoo Yui 3.6.0
Yahoo Yui 3.1.0
Moodle Moodle 2.3.1
Moodle Moodle 2.4.3
Moodle Moodle 2.4.1
Yahoo Yui 3.7.0
Moodle Moodle 2.2.9
Moodle Moodle 2.1.2
Moodle Moodle 2.4.2
Moodle Moodle 2.2.6
Yahoo Yui 3.10.0
Yahoo Yui 3.2.0
Yahoo Yui 3.7.2
Moodle Moodle 2.3.6
Yahoo Yui 3.9.0
Moodle Moodle 2.1.10
Moodle Moodle 2.1.8
4.3
CVSSv2
CVE-2013-4940
Cross-site scripting (XSS) vulnerability in io.swf in the IO Utility component in Yahoo! YUI 3.10.2, as used in Moodle up to and including 2.1.10, 2.2.x prior to 2.2.11, 2.3.x prior to 2.3.8, 2.4.x prior to 2.4.5, 2.5.x prior to 2.5.1, and other products, allows remote malicious ...
Yahoo Yui 3.8.0
Moodle Moodle 2.3.4
Yahoo Yui 3.5.0
Moodle Moodle 2.2.2
Yahoo Yui 3.8.1
Yahoo Yui 3.6.0
Yahoo Yui 3.1.0
Moodle Moodle 2.3.1
Moodle Moodle 2.4.3
Moodle Moodle 2.4.1
Yahoo Yui 3.7.0
Moodle Moodle 2.2.9
Moodle Moodle 2.1.2
Moodle Moodle 2.4.2
Moodle Moodle 2.2.6
Yahoo Yui 3.10.0
Yahoo Yui 3.2.0
Yahoo Yui 3.7.2
Moodle Moodle 2.3.6
Yahoo Yui 3.9.0
Moodle Moodle 2.1.10
Moodle Moodle 2.1.8
5
CVSSv2
CVE-2013-1830
user/view.php in Moodle up to and including 2.1.10, 2.2.x prior to 2.2.8, 2.3.x prior to 2.3.5, and 2.4.x prior to 2.4.2 does not enforce the forceloginforprofiles setting, which allows remote malicious users to obtain sensitive course-profile information by leveraging the guest ...
Fedoraproject Fedora 17
Fedoraproject Fedora 18
Moodle Moodle 2.2.2
Moodle Moodle 2.2.6
Moodle Moodle 2.2.1
Moodle Moodle 2.2.7
Moodle Moodle 2.2.3
Moodle Moodle 2.2.5
Moodle Moodle 2.2.4
Moodle Moodle 2.2.0
Moodle Moodle 2.4.1
Moodle Moodle 2.4.0
Moodle Moodle 2.3.4
Moodle Moodle 2.3.1
Moodle Moodle 2.3.3
Moodle Moodle 2.3.2
Moodle Moodle 2.3.0
Moodle Moodle 1.8.13
Moodle Moodle 2.0.2
Moodle Moodle 1.9.4
Moodle Moodle 1.5.2
Moodle Moodle 1.9.17
5
CVSSv2
CVE-2013-1831
lib/setuplib.php in Moodle up to and including 2.1.10, 2.2.x prior to 2.2.8, 2.3.x prior to 2.3.5, and 2.4.x prior to 2.4.2 allows remote malicious users to obtain sensitive information via an invalid request, which reveals the absolute path in an exception message.
Moodle Moodle 1.8.13
Moodle Moodle 2.0.2
Moodle Moodle 1.9.4
Moodle Moodle 1.5.2
Moodle Moodle 1.9.17
Moodle Moodle 1.9.1
Moodle Moodle 1.8.8
Moodle Moodle 1.6.1
Moodle Moodle 1.9.6
Moodle Moodle 1.8.2
Moodle Moodle 1.9.9
Moodle Moodle 1.2.1
Moodle Moodle 1.4.2
Moodle Moodle 1.6.8
Moodle Moodle 2.0.1
Moodle Moodle 1.6.5
Moodle Moodle 1.9.11
Moodle Moodle 2.1.2
Moodle Moodle 1.3.3
Moodle Moodle 1.4.3
Moodle Moodle 2.0.4
Moodle Moodle 1.4.5
5
CVSSv2
CVE-2013-4522
lib/filelib.php in Moodle up to and including 2.2.11, 2.3.x prior to 2.3.10, 2.4.x prior to 2.4.7, and 2.5.x prior to 2.5.3 does not send "Cache-Control: private" HTTP headers, which allows remote malicious users to obtain sensitive information by requesting a file that...
Moodle Moodle 2.3.8
Moodle Moodle 1.8.13
Moodle Moodle 2.0.2
Moodle Moodle 2.5.1
Moodle Moodle 1.9.4
Moodle Moodle 1.5.2
Moodle Moodle 2.3.4
Moodle Moodle 1.9.17
Moodle Moodle 2.2.2
Moodle Moodle 1.9.1
Moodle Moodle 1.8.8
Moodle Moodle 1.6.1
Moodle Moodle 2.3.1
Moodle Moodle 1.9.6
Moodle Moodle 1.8.2
Moodle Moodle 1.9.9
Moodle Moodle 1.2.1
Moodle Moodle 2.4.3
Moodle Moodle 1.4.2
Moodle Moodle 2.4.1
Moodle Moodle 1.6.8
Moodle Moodle 2.0.1
3.5
CVSSv2
CVE-2013-4523
Cross-site scripting (XSS) vulnerability in message/lib.php in Moodle up to and including 2.2.11, 2.3.x prior to 2.3.10, 2.4.x prior to 2.4.7, and 2.5.x prior to 2.5.3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted message.
Moodle Moodle 2.3.8
Moodle Moodle 1.8.13
Moodle Moodle 2.0.2
Moodle Moodle 2.5.1
Moodle Moodle 1.9.4
Moodle Moodle 1.5.2
Moodle Moodle 2.3.4
Moodle Moodle 1.9.17
Moodle Moodle 2.2.2
Moodle Moodle 1.9.1
Moodle Moodle 1.8.8
Moodle Moodle 1.6.1
Moodle Moodle 2.3.1
Moodle Moodle 1.9.6
Moodle Moodle 1.8.2
Moodle Moodle 1.9.9
Moodle Moodle 1.2.1
Moodle Moodle 2.4.3
Moodle Moodle 1.4.2
Moodle Moodle 2.4.1
Moodle Moodle 1.6.8
Moodle Moodle 2.0.1
6.8
CVSSv2
CVE-2013-4524
Directory traversal vulnerability in repository/filesystem/lib.php in Moodle up to and including 2.2.11, 2.3.x prior to 2.3.10, 2.4.x prior to 2.4.7, and 2.5.x prior to 2.5.3 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a path.
Moodle Moodle 2.3.8
Moodle Moodle 1.8.13
Moodle Moodle 2.0.2
Moodle Moodle 2.5.1
Moodle Moodle 1.9.4
Moodle Moodle 1.5.2
Moodle Moodle 2.3.4
Moodle Moodle 1.9.17
Moodle Moodle 2.2.2
Moodle Moodle 1.9.1
Moodle Moodle 1.8.8
Moodle Moodle 1.6.1
Moodle Moodle 2.3.1
Moodle Moodle 1.9.6
Moodle Moodle 1.8.2
Moodle Moodle 1.9.9
Moodle Moodle 1.2.1
Moodle Moodle 2.4.3
Moodle Moodle 1.4.2
Moodle Moodle 2.4.1
Moodle Moodle 1.6.8
Moodle Moodle 2.0.1
3.5
CVSSv2
CVE-2013-4525
Cross-site scripting (XSS) vulnerability in mod/quiz/report/responses/responses_table.php in Moodle up to and including 2.2.11, 2.3.x prior to 2.3.10, 2.4.x prior to 2.4.7, and 2.5.x prior to 2.5.3 allows remote authenticated users to inject arbitrary web script or HTML via an an...
Moodle Moodle 2.3.8
Moodle Moodle 1.8.13
Moodle Moodle 2.0.2
Moodle Moodle 2.5.1
Moodle Moodle 1.9.4
Moodle Moodle 1.5.2
Moodle Moodle 2.3.4
Moodle Moodle 1.9.17
Moodle Moodle 2.2.2
Moodle Moodle 1.9.1
Moodle Moodle 1.8.8
Moodle Moodle 1.6.1
Moodle Moodle 2.3.1
Moodle Moodle 1.9.6
Moodle Moodle 1.8.2
Moodle Moodle 1.9.9
Moodle Moodle 1.2.1
Moodle Moodle 2.4.3
Moodle Moodle 1.4.2
Moodle Moodle 2.4.1
Moodle Moodle 1.6.8
Moodle Moodle 2.0.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »