Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-40314
A remote code execution risk when restoring backup files originating from Moodle 1.9 was identified.
Moodle Moodle
9.8
CVSSv3
CVE-2022-40315
A limited SQL injection risk was identified in the "browse list of users" site administration page.
Moodle Moodle
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
4.3
CVSSv3
CVE-2022-40316
The H5P activity attempts report did not filter by groups, which in separate groups mode could reveal information to non-editing teachers about attempts/users in groups they should not have access to.
Moodle Moodle
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
4.3
CVSSv3
CVE-2021-40692
Insufficient capability checks made it possible for teachers to download users outside of their courses.
Moodle Moodle
6.5
CVSSv3
CVE-2021-40693
An authentication bypass risk was identified in the external database authentication functionality, due to a type juggling vulnerability.
Moodle Moodle
4.3
CVSSv3
CVE-2021-40695
It was possible for a student to view their quiz grade before it had been released, using a quiz web service.
Moodle Moodle
4.3
CVSSv3
CVE-2021-40691
A session hijack risk was identified in the Shibboleth authentication plugin.
Moodle Moodle
4.9
CVSSv3
CVE-2021-40694
Insufficient escaping of the LaTeX preamble made it possible for site administrators to read files available to the HTTP server system account.
Moodle Moodle
5.4
CVSSv3
CVE-2021-36568
In certain Moodle products after creating a course, it is possible to add in a arbitrary "Topic" a resource, in this case a "Database" with the type "Text" where its values "Field name" and "Field description" are vulnerable to Cr...
Moodle Moodle 3.10.4
Moodle Moodle 3.9.7
Moodle Moodle 3.11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
5.3
CVSSv3
CVE-2020-1755
In Moodle prior to 3.8.2, 3.7.5, 3.6.9 and 3.5.11, X-Forwarded-For headers could be used to spoof a user's IP, in order to bypass remote address checks.
Moodle Moodle
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »