Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.2.3 vulnerabilities and exploits
(subscribe to this query)
4.9
CVSSv2
CVE-2012-4402
webservice/lib.php in Moodle 2.1.x prior to 2.1.8, 2.2.x prior to 2.2.5, and 2.3.x prior to 2.3.2 does not properly restrict the use of web-service tokens, which allows remote authenticated users to run arbitrary external-service functions via a token intended for only one servic...
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.5
Moodle Moodle 2.1.6
Moodle Moodle 2.1.3
Moodle Moodle 2.1.7
Moodle Moodle 2.1.4
Moodle Moodle 2.1.0
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.3
Moodle Moodle 2.2.4
Moodle Moodle 2.2.0
Moodle Moodle 2.3.1
Moodle Moodle 2.3.0
4
CVSSv2
CVE-2012-4400
repository/repository_ajax.php in Moodle 2.2.x prior to 2.2.5 and 2.3.x prior to 2.3.2 allows remote authenticated users to bypass intended upload-size restrictions via a -1 value in the maxbytes field.
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.3
Moodle Moodle 2.2.4
Moodle Moodle 2.2.0
Moodle Moodle 2.3.1
Moodle Moodle 2.3.0
5
CVSSv2
CVE-2012-4407
lib/filelib.php in Moodle 2.1.x prior to 2.1.8, 2.2.x prior to 2.2.5, and 2.3.x prior to 2.3.2 does not properly check the publication state of blog files, which allows remote malicious users to obtain sensitive information by reading a blog entry that references a non-public fil...
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.5
Moodle Moodle 2.1.6
Moodle Moodle 2.1.3
Moodle Moodle 2.1.7
Moodle Moodle 2.1.4
Moodle Moodle 2.1.0
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.3
Moodle Moodle 2.2.4
Moodle Moodle 2.2.0
Moodle Moodle 2.3.1
Moodle Moodle 2.3.0
4
CVSSv2
CVE-2012-3388
The is_enrolled function in lib/accesslib.php in Moodle 2.2.x prior to 2.2.4 and 2.3.x prior to 2.3.1 does not properly interact with the caching feature, which might allow remote authenticated users to bypass an intended capability check via unspecified vectors that trigger cach...
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.3
Moodle Moodle 2.2.0
Moodle Moodle 2.3.0
6.5
CVSSv2
CVE-2012-3395
SQL injection vulnerability in mod/feedback/complete.php in Moodle 2.0.x prior to 2.0.10, 2.1.x prior to 2.1.7, and 2.2.x prior to 2.2.4 allows remote authenticated users to execute arbitrary SQL commands via crafted form data.
Moodle Moodle 2.0.2
Moodle Moodle 2.2.2
Moodle Moodle 2.0.1
Moodle Moodle 2.1.2
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 2.1.5
Moodle Moodle 2.1.6
Moodle Moodle 2.0.6
Moodle Moodle 2.0.5
Moodle Moodle 2.1.3
Moodle Moodle 2.0.9
Moodle Moodle 2.2.1
Moodle Moodle 2.2.3
Moodle Moodle 2.0.8
Moodle Moodle 2.0.7
Moodle Moodle 2.1.4
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
Moodle Moodle 2.2.0
3.5
CVSSv2
CVE-2012-3393
Cross-site scripting (XSS) vulnerability in repository/lib.php in Moodle 2.1.x prior to 2.1.7 and 2.2.x prior to 2.2.4 allows remote authenticated administrators to inject arbitrary web script or HTML by renaming a repository.
Moodle Moodle 2.2.2
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.5
Moodle Moodle 2.1.6
Moodle Moodle 2.1.3
Moodle Moodle 2.2.1
Moodle Moodle 2.2.3
Moodle Moodle 2.1.4
Moodle Moodle 2.1.0
Moodle Moodle 2.2.0
3.5
CVSSv2
CVE-2012-3396
Cross-site scripting (XSS) vulnerability in cohort/edit_form.php in Moodle 2.0.x prior to 2.0.10, 2.1.x prior to 2.1.7, 2.2.x prior to 2.2.4, and 2.3.x prior to 2.3.1 allows remote authenticated administrators to inject arbitrary web script or HTML via the idnumber field. NOTE: t...
Moodle Moodle 2.0.2
Moodle Moodle 2.2.2
Moodle Moodle 2.0.1
Moodle Moodle 2.1.2
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 2.1.5
Moodle Moodle 2.1.6
Moodle Moodle 2.0.6
Moodle Moodle 2.0.5
Moodle Moodle 2.1.3
Moodle Moodle 2.0.9
Moodle Moodle 2.2.1
Moodle Moodle 2.2.3
Moodle Moodle 2.0.8
Moodle Moodle 2.0.7
Moodle Moodle 2.1.4
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
Moodle Moodle 2.2.0
Moodle Moodle 2.3.0
4
CVSSv2
CVE-2012-3397
lib/modinfolib.php in Moodle 2.0.x prior to 2.0.10, 2.1.x prior to 2.1.7, 2.2.x prior to 2.2.4, and 2.3.x prior to 2.3.1 does not check for a group-membership requirement when determining whether an activity is unavailable or hidden, which allows remote authenticated users to byp...
Moodle Moodle 2.0.2
Moodle Moodle 2.2.2
Moodle Moodle 2.0.1
Moodle Moodle 2.1.2
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 2.1.5
Moodle Moodle 2.1.6
Moodle Moodle 2.0.6
Moodle Moodle 2.0.5
Moodle Moodle 2.1.3
Moodle Moodle 2.0.9
Moodle Moodle 2.2.1
Moodle Moodle 2.2.3
Moodle Moodle 2.0.8
Moodle Moodle 2.0.7
Moodle Moodle 2.1.4
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
Moodle Moodle 2.2.0
Moodle Moodle 2.3.0
5
CVSSv2
CVE-2012-3394
auth/ldap/ntlmsso_attempt.php in Moodle 2.0.x prior to 2.0.10, 2.1.x prior to 2.1.7, 2.2.x prior to 2.2.4, and 2.3.x prior to 2.3.1 redirects users from an https LDAP login URL to an http URL, which allows remote malicious users to obtain sensitive information by sniffing the net...
Moodle Moodle 2.2.2
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.5
Moodle Moodle 2.1.6
Moodle Moodle 2.1.3
Moodle Moodle 2.2.1
Moodle Moodle 2.2.3
Moodle Moodle 2.1.4
Moodle Moodle 2.1.0
Moodle Moodle 2.2.0
Moodle Moodle 2.3.0
4.3
CVSSv2
CVE-2012-3389
Multiple cross-site scripting (XSS) vulnerabilities in mod/lti/typessettings.php in Moodle 2.2.x prior to 2.2.4 and 2.3.x prior to 2.3.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) lti_typename or (2) lti_toolurl parameter.
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.3
Moodle Moodle 2.2.0
Moodle Moodle 2.3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
NEXT »