Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.1.6 vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2012-2353
Moodle 2.1.x prior to 2.1.6 and 2.2.x prior to 2.2.3 allows remote authenticated users to obtain sensitive user information from hidden fields by leveraging the teacher role and navigating to "Enrolled users" under the Users Settings section.
Moodle Moodle 2.1.0
Moodle Moodle 2.1.5
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.1.3
Moodle Moodle 2.1.1
Moodle Moodle 2.2.0
Moodle Moodle 2.2.1
Moodle Moodle 2.2.2
4
CVSSv2
CVE-2012-2354
Moodle 2.1.x prior to 2.1.6 and 2.2.x prior to 2.2.3 allows remote authenticated users to bypass the moodle/site:readallmessages capability requirement and read arbitrary messages by using the "Recent conversations" feature with a modified parameter in a URL.
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.5
Moodle Moodle 2.1.3
Moodle Moodle 2.1.4
Moodle Moodle 2.1.0
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.0
5
CVSSv2
CVE-2012-2357
The Multi-Authentication feature in the Central Authentication Service (CAS) functionality in auth/cas/cas_form.html in Moodle 2.1.x prior to 2.1.6 and 2.2.x prior to 2.2.3 does not use HTTPS, which allows remote malicious users to obtain credentials by sniffing the network.
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.5
Moodle Moodle 2.1.3
Moodle Moodle 2.1.4
Moodle Moodle 2.1.0
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.0
4.3
CVSSv2
CVE-2013-4939
Cross-site scripting (XSS) vulnerability in io.swf in the IO Utility component in Yahoo! YUI 3.0.0 up to and including 3.9.1, as used in Moodle up to and including 2.1.10, 2.2.x prior to 2.2.11, 2.3.x prior to 2.3.8, 2.4.x prior to 2.4.5, 2.5.x prior to 2.5.1, and other products,...
Yahoo Yui 3.8.0
Moodle Moodle 2.3.4
Yahoo Yui 3.5.0
Moodle Moodle 2.2.2
Yahoo Yui 3.8.1
Yahoo Yui 3.6.0
Yahoo Yui 3.1.0
Moodle Moodle 2.3.1
Moodle Moodle 2.4.3
Moodle Moodle 2.4.1
Yahoo Yui 3.7.0
Moodle Moodle 2.2.9
Moodle Moodle 2.1.2
Moodle Moodle 2.4.2
Moodle Moodle 2.2.6
Yahoo Yui 3.10.0
Yahoo Yui 3.2.0
Yahoo Yui 3.7.2
Moodle Moodle 2.3.6
Yahoo Yui 3.9.0
Moodle Moodle 2.1.10
Moodle Moodle 2.1.8
4.3
CVSSv2
CVE-2013-4940
Cross-site scripting (XSS) vulnerability in io.swf in the IO Utility component in Yahoo! YUI 3.10.2, as used in Moodle up to and including 2.1.10, 2.2.x prior to 2.2.11, 2.3.x prior to 2.3.8, 2.4.x prior to 2.4.5, 2.5.x prior to 2.5.1, and other products, allows remote malicious ...
Moodle Moodle 2.1.1
Moodle Moodle 2.1.3
Yahoo Yui 3.1.2
Yahoo Yui 3.3.0
Yahoo Yui 3.6.0
Yahoo Yui 3.7.1
Yahoo Yui 3.10.0
Yahoo Yui 3.10.2
Moodle Moodle 2.2.0
Moodle Moodle 2.2.7
Moodle Moodle 2.4.4
Moodle Moodle 2.4.2
Moodle Moodle 2.3.5
Moodle Moodle 2.3.3
Moodle Moodle 2.3.4
Moodle Moodle 2.1.10
Moodle Moodle 2.1.5
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.1.6
Yahoo Yui 3.4.0
Yahoo Yui 3.4.1
4.3
CVSSv2
CVE-2013-4941
Cross-site scripting (XSS) vulnerability in uploader.swf in the Uploader component in Yahoo! YUI 3.2.0 up to and including 3.9.1, as used in Moodle up to and including 2.1.10, 2.2.x prior to 2.2.11, 2.3.x prior to 2.3.8, 2.4.x prior to 2.4.5, 2.5.x prior to 2.5.1, and other produ...
Moodle Moodle 2.1.8
Moodle Moodle 2.1.0
Moodle Moodle 2.1.9
Yahoo Yui 3.0.0
Yahoo Yui 3.7.3
Yahoo Yui 3.8.0
Yahoo Yui 3.8.1
Yahoo Yui 3.9.0
Moodle Moodle 2.2.6
Moodle Moodle 2.2.5
Moodle Moodle 2.5.0
Moodle Moodle 2.4.0
Moodle Moodle 2.1.10
Moodle Moodle 2.1.5
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Yahoo Yui 3.3.0
Yahoo Yui 3.4.0
Yahoo Yui 3.4.1
Yahoo Yui 3.5.0
Yahoo Yui 3.5.1
Moodle Moodle 2.2.3
5
CVSSv2
CVE-2013-1830
user/view.php in Moodle up to and including 2.1.10, 2.2.x prior to 2.2.8, 2.3.x prior to 2.3.5, and 2.4.x prior to 2.4.2 does not enforce the forceloginforprofiles setting, which allows remote malicious users to obtain sensitive course-profile information by leveraging the guest ...
Fedoraproject Fedora 18
Fedoraproject Fedora 17
Moodle Moodle 2.2.4
Moodle Moodle 2.2.5
Moodle Moodle 2.2.3
Moodle Moodle 2.2.1
Moodle Moodle 2.2.2
Moodle Moodle 2.2.7
Moodle Moodle 2.2.6
Moodle Moodle 2.2.0
Moodle Moodle 2.4.1
Moodle Moodle 2.4.0
Moodle Moodle 2.3.2
Moodle Moodle 2.3.4
Moodle Moodle 2.3.1
Moodle Moodle 2.3.0
Moodle Moodle 2.3.3
Moodle Moodle 2.1.5
Moodle Moodle 2.1.2
Moodle Moodle 2.1.9
Moodle Moodle 2.0.3
Moodle Moodle 2.0.7
5
CVSSv2
CVE-2013-1831
lib/setuplib.php in Moodle up to and including 2.1.10, 2.2.x prior to 2.2.8, 2.3.x prior to 2.3.5, and 2.4.x prior to 2.4.2 allows remote malicious users to obtain sensitive information via an invalid request, which reveals the absolute path in an exception message.
Moodle Moodle 2.1.10
Moodle Moodle 2.1.5
Moodle Moodle 2.1.0
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.0.5
Moodle Moodle 2.0.0
Moodle Moodle 1.8.8
Moodle Moodle 1.5
Moodle Moodle 1.6.3
Moodle Moodle 1.3.1
Moodle Moodle 1.9.8
Moodle Moodle 1.8.14
Moodle Moodle 1.5.2
Moodle Moodle 1.5.3
Moodle Moodle 1.8.7
Moodle Moodle 1.9.3
Moodle Moodle 1.8.10
Moodle Moodle 1.8.9
Moodle Moodle 1.9.2
3.5
CVSSv2
CVE-2013-4523
Cross-site scripting (XSS) vulnerability in message/lib.php in Moodle up to and including 2.2.11, 2.3.x prior to 2.3.10, 2.4.x prior to 2.4.7, and 2.5.x prior to 2.5.3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted message.
Moodle Moodle 2.5.2
Moodle Moodle 2.4.0
Moodle Moodle 2.4.5
Moodle Moodle 2.3.0
Moodle Moodle 2.3.2
Moodle Moodle 2.3.7
Moodle Moodle 2.2.9
Moodle Moodle 2.2.2
Moodle Moodle 2.2.10
Moodle Moodle 2.1.7
Moodle Moodle 2.1.5
Moodle Moodle 2.5.1
Moodle Moodle 2.4.6
Moodle Moodle 2.3.9
Moodle Moodle 2.3.1
Moodle Moodle 2.3.8
Moodle Moodle 2.2.8
Moodle Moodle 2.2.3
Moodle Moodle
Moodle Moodle 2.1.6
Moodle Moodle 2.1.4
Moodle Moodle 2.0.8
3.5
CVSSv2
CVE-2013-4525
Cross-site scripting (XSS) vulnerability in mod/quiz/report/responses/responses_table.php in Moodle up to and including 2.2.11, 2.3.x prior to 2.3.10, 2.4.x prior to 2.4.7, and 2.5.x prior to 2.5.3 allows remote authenticated users to inject arbitrary web script or HTML via an an...
Moodle Moodle 2.4.6
Moodle Moodle 2.4.1
Moodle Moodle 2.3.1
Moodle Moodle 2.3.3
Moodle Moodle 2.3.8
Moodle Moodle 2.2.8
Moodle Moodle 2.2.6
Moodle Moodle
Moodle Moodle 2.2.1
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.0.8
Moodle Moodle 2.0.6
Moodle Moodle 2.0.4
Moodle Moodle 1.9.9
Moodle Moodle 1.9.7
Moodle Moodle 1.9.17
Moodle Moodle 1.9.15
Moodle Moodle 1.8.8
Moodle Moodle 1.8.3
Moodle Moodle 1.8.14
Moodle Moodle 1.7.6
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
NEXT »