Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2020-1754
In Moodle prior to 3.8.2, 3.7.5, 3.6.9 and 3.5.11, users viewing the grade history report without the 'access all groups' capability were not restricted to viewing grades of users within their own groups.
Moodle Moodle
Moodle Moodle 3.8.1
Moodle Moodle 3.8.0
NA
CVE-2020-1691
In Moodle 3.8, messages required extra sanitizing before updating the conversation overview, to prevent the risk of stored cross-site scripting.
Moodle Moodle 3.8.0
NA
CVE-2022-35649
The vulnerability was found in Moodle, occurs due to improper input validation when parsing PostScript code. An omitted execution parameter results in a remote code execution risk for sites running GhostScript versions older than 9.50. Successful exploitation of this vulnerabilit...
Moodle Moodle
Fedoraproject Fedora 35
Fedoraproject Fedora 36
1 Github repository
NA
CVE-2022-35650
The vulnerability was found in Moodle, occurs due to input validation error when importing lesson questions. This insufficient path checks results in arbitrary file read risk. This vulnerability allows a remote malicious user to perform directory traversal attacks. The capability...
Moodle Moodle
Fedoraproject Fedora 35
Fedoraproject Fedora 36
NA
CVE-2022-35651
A stored XSS and blind SSRF vulnerability was found in Moodle, occurs due to insufficient sanitization of user-supplied data in the SCORM track details. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user...
Moodle Moodle 4.0.0
Moodle Moodle
Moodle Moodle 4.0.1
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
NA
CVE-2022-35652
An open redirect issue was found in Moodle due to improper sanitization of user-supplied data in mobile auto-login feature. A remote attacker can create a link that leads to a trusted website, however, when clicked, it redirects the victims to arbitrary URL/domain. Successful exp...
Moodle Moodle
Fedoraproject Fedora 35
Fedoraproject Fedora 36
NA
CVE-2022-35653
A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to insufficient sanitization of user-supplied data in the LTI module. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script cod...
Moodle Moodle 4.0.0
Moodle Moodle
Moodle Moodle 4.0.1
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Redhat Enterprise Linux 8.0
1 Github repository
5
CVSSv2
CVE-2022-30597
A flaw was found in moodle where the description user field was not hidden when being set as a hidden user field.
Moodle Moodle
Moodle Moodle 4.0.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
4
CVSSv2
CVE-2022-30598
A flaw was found in moodle where global search results could include author information on some activities where a user may not otherwise have access to it.
Moodle Moodle
Moodle Moodle 4.0.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
7.5
CVSSv2
CVE-2022-30599
A flaw was found in moodle where an SQL injection risk was identified in Badges code relating to configuring criteria.
Moodle Moodle
Moodle Moodle 4.0.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36920
buffer overflow
CVE-2024-36913
CVE-2024-5497
CVE-2024-23917
CVE-2024-4956
server-side request forgery
CVE-2024-35468
SSTI
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »