Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.4.0 vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2013-2079
mod/assign/locallib.php in the assignment module in Moodle 2.3.x prior to 2.3.7 and 2.4.x prior to 2.4.4 does not consider capability requirements during the processing of ZIP assignment-archive download (aka downloadall) requests, which allows remote authenticated users to read ...
Moodle Moodle 2.3.4
Moodle Moodle 2.3.3
Moodle Moodle 2.3.2
Moodle Moodle 2.3.1
Moodle Moodle 2.3.0
Moodle Moodle 2.3.6
Moodle Moodle 2.3.5
Moodle Moodle 2.4.3
Moodle Moodle 2.4.0
Moodle Moodle 2.4.1
Moodle Moodle 2.4.2
4
CVSSv2
CVE-2013-1832
repository/webdav/lib.php in Moodle 2.x up to and including 2.1.10, 2.2.x prior to 2.2.8, 2.3.x prior to 2.3.5, and 2.4.x prior to 2.4.2 includes the WebDAV password in the configuration form, which allows remote authenticated administrators to obtain sensitive information by con...
Moodle Moodle 2.0.9
Moodle Moodle 2.0.8
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.1.9
Moodle Moodle 2.0.3
Moodle Moodle 2.0.2
Moodle Moodle 2.0.0
Moodle Moodle 2.1.5
Moodle Moodle 2.1.8
Moodle Moodle 2.1.0
Moodle Moodle 2.0.1
Moodle Moodle 2.0.7
Moodle Moodle 2.1.6
Moodle Moodle 2.1.1
Moodle Moodle 2.1.10
Moodle Moodle 2.0.4
Moodle Moodle 2.0.6
Moodle Moodle 2.0.5
Moodle Moodle 2.1.7
Moodle Moodle 2.1.3
Moodle Moodle 2.2.6
4
CVSSv2
CVE-2013-1834
notes/edit.php in Moodle 1.9.x up to and including 1.9.19, 2.x up to and including 2.1.10, 2.2.x prior to 2.2.8, 2.3.x prior to 2.3.5, and 2.4.x prior to 2.4.2 allows remote authenticated users to reassign notes via a modified (1) userid or (2) courseid field.
Moodle Moodle 1.9.3
Moodle Moodle 1.9.5
Moodle Moodle 1.9.12
Moodle Moodle 1.9.11
Moodle Moodle 1.9.2
Moodle Moodle 1.9.1
Moodle Moodle 1.9.17
Moodle Moodle 1.9.6
Moodle Moodle 1.9.16
Moodle Moodle 1.9.7
Moodle Moodle 1.9.8
Moodle Moodle 1.9.10
Moodle Moodle 1.9.13
Moodle Moodle 1.9.14
Moodle Moodle 1.9.15
Moodle Moodle 1.9.4
Moodle Moodle 1.9.9
Moodle Moodle 1.9.18
Moodle Moodle 1.9.19
Moodle Moodle 2.0.2
Moodle Moodle 2.0.9
Moodle Moodle 2.1.4
3.5
CVSSv2
CVE-2013-1835
Moodle 2.x up to and including 2.1.10, 2.2.x prior to 2.2.8, 2.3.x prior to 2.3.5, and 2.4.x prior to 2.4.2 allows remote authenticated administrators to obtain sensitive information from the external repositories of arbitrary users by leveraging the login_as feature.
Moodle Moodle 2.0.8
Moodle Moodle 2.0.1
Moodle Moodle 2.1.2
Moodle Moodle 2.1.6
Moodle Moodle 2.1.1
Moodle Moodle 2.0.2
Moodle Moodle 2.0.9
Moodle Moodle 2.1.5
Moodle Moodle 2.1.4
Moodle Moodle 2.1.0
Moodle Moodle 2.1.9
Moodle Moodle 2.0.7
Moodle Moodle 2.0.6
Moodle Moodle 2.1.10
Moodle Moodle 2.1.7
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.0.5
Moodle Moodle 2.0.0
Moodle Moodle 2.1.3
Moodle Moodle 2.1.8
Moodle Moodle 2.2.3
6.5
CVSSv2
CVE-2013-1836
Moodle 2.x up to and including 2.1.10, 2.2.x prior to 2.2.8, 2.3.x prior to 2.3.5, and 2.4.x prior to 2.4.2 does not properly manage privileges for WebDAV repositories, which allows remote authenticated users to read, modify, or delete arbitrary site-wide repositories by leveragi...
Moodle Moodle 2.0.7
Moodle Moodle 2.0.6
Moodle Moodle 2.0.8
Moodle Moodle 2.0.1
Moodle Moodle 2.1.2
Moodle Moodle 2.1.6
Moodle Moodle 2.1.9
Moodle Moodle 2.1.1
Moodle Moodle 2.1.10
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.0.5
Moodle Moodle 2.0.0
Moodle Moodle 2.1.7
Moodle Moodle 2.1.3
Moodle Moodle 2.0.2
Moodle Moodle 2.0.9
Moodle Moodle 2.1.5
Moodle Moodle 2.1.4
Moodle Moodle 2.1.8
Moodle Moodle 2.1.0
Moodle Moodle 2.2.3
4
CVSSv2
CVE-2013-1829
calendar/managesubscriptions.php in Moodle 2.4.x prior to 2.4.2 does not consider capability requirements before displaying calendar subscriptions, which allows remote authenticated users to obtain potentially sensitive information by leveraging the student role.
Moodle Moodle 2.4.1
Moodle Moodle 2.4.0
5
CVSSv2
CVE-2013-1830
user/view.php in Moodle up to and including 2.1.10, 2.2.x prior to 2.2.8, 2.3.x prior to 2.3.5, and 2.4.x prior to 2.4.2 does not enforce the forceloginforprofiles setting, which allows remote malicious users to obtain sensitive course-profile information by leveraging the guest ...
Fedoraproject Fedora 18
Fedoraproject Fedora 17
Moodle Moodle 2.2.4
Moodle Moodle 2.2.5
Moodle Moodle 2.2.3
Moodle Moodle 2.2.1
Moodle Moodle 2.2.2
Moodle Moodle 2.2.7
Moodle Moodle 2.2.6
Moodle Moodle 2.2.0
Moodle Moodle 2.4.1
Moodle Moodle 2.4.0
Moodle Moodle 2.3.2
Moodle Moodle 2.3.4
Moodle Moodle 2.3.1
Moodle Moodle 2.3.0
Moodle Moodle 2.3.3
Moodle Moodle 2.1.5
Moodle Moodle 2.1.2
Moodle Moodle 2.1.9
Moodle Moodle 2.0.3
Moodle Moodle 2.0.7
5
CVSSv2
CVE-2013-1831
lib/setuplib.php in Moodle up to and including 2.1.10, 2.2.x prior to 2.2.8, 2.3.x prior to 2.3.5, and 2.4.x prior to 2.4.2 allows remote malicious users to obtain sensitive information via an invalid request, which reveals the absolute path in an exception message.
Moodle Moodle 2.1.10
Moodle Moodle 2.1.5
Moodle Moodle 2.1.0
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.0.5
Moodle Moodle 2.0.0
Moodle Moodle 1.8.8
Moodle Moodle 1.5
Moodle Moodle 1.6.3
Moodle Moodle 1.3.1
Moodle Moodle 1.9.8
Moodle Moodle 1.8.14
Moodle Moodle 1.5.2
Moodle Moodle 1.5.3
Moodle Moodle 1.8.7
Moodle Moodle 1.9.3
Moodle Moodle 1.8.10
Moodle Moodle 1.8.9
Moodle Moodle 1.9.2
3.5
CVSSv2
CVE-2013-1833
Multiple cross-site scripting (XSS) vulnerabilities in the File Picker module in Moodle 2.x up to and including 2.1.10, 2.2.x prior to 2.2.8, 2.3.x prior to 2.3.5, and 2.4.x prior to 2.4.2 allow remote authenticated users to inject arbitrary web script or HTML via a crafted filen...
Moodle Moodle 2.0.1
Moodle Moodle 2.0.7
Moodle Moodle 2.1.6
Moodle Moodle 2.1.1
Moodle Moodle 2.0.9
Moodle Moodle 2.0.8
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.1.0
Moodle Moodle 2.1.9
Moodle Moodle 2.0.4
Moodle Moodle 2.0.6
Moodle Moodle 2.0.5
Moodle Moodle 2.1.10
Moodle Moodle 2.1.7
Moodle Moodle 2.0.3
Moodle Moodle 2.0.2
Moodle Moodle 2.0.0
Moodle Moodle 2.1.5
Moodle Moodle 2.1.3
Moodle Moodle 2.1.8
Moodle Moodle 2.2.3
4
CVSSv2
CVE-2012-6100
report/outline/index.php in Moodle 2.2.x prior to 2.2.7, 2.3.x prior to 2.3.4, and 2.4.x prior to 2.4.1 does not properly enforce the moodle/user:viewhiddendetails capability requirement, which allows remote authenticated users to discover a hidden lastaccess value by reading an ...
Moodle Moodle 2.2.0
Moodle Moodle 2.2.6
Moodle Moodle 2.2.3
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.4
Moodle Moodle 2.2.5
Moodle Moodle 2.3.3
Moodle Moodle 2.3.1
Moodle Moodle 2.3.0
Moodle Moodle 2.3.2
Moodle Moodle 2.4.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »