Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.2.2 vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2012-5472
lib/formslib.php in Moodle 2.2.x prior to 2.2.6 and 2.3.x prior to 2.3.3 allows remote authenticated users to bypass intended access restrictions via a modified value of a frozen form field.
Moodle Moodle 2.2.2
Moodle Moodle 2.3.1
Moodle Moodle 2.2.1
Moodle Moodle 2.2.3
Moodle Moodle 2.2.5
Moodle Moodle 2.3.2
Moodle Moodle 2.2.4
4
CVSSv2
CVE-2012-5473
The Database activity module in Moodle 2.1.x prior to 2.1.9, 2.2.x prior to 2.2.6, and 2.3.x prior to 2.3.3 allows remote authenticated users to read activity entries of a different group's users via an advanced search.
Moodle Moodle 2.1.2
Moodle Moodle 2.1.8
Moodle Moodle 2.1.1
Moodle Moodle 2.1.5
Moodle Moodle 2.1.6
Moodle Moodle 2.1.3
Moodle Moodle 2.1.7
Moodle Moodle 2.1.4
Moodle Moodle 2.1.0
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.3
Moodle Moodle 2.2.5
Moodle Moodle 2.2.4
Moodle Moodle 2.2.0
Moodle Moodle 2.3.1
Moodle Moodle 2.3.2
Moodle Moodle 2.3.0
4
CVSSv2
CVE-2012-4400
repository/repository_ajax.php in Moodle 2.2.x prior to 2.2.5 and 2.3.x prior to 2.3.2 allows remote authenticated users to bypass intended upload-size restrictions via a -1 value in the maxbytes field.
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.3
Moodle Moodle 2.2.4
Moodle Moodle 2.2.0
Moodle Moodle 2.3.1
Moodle Moodle 2.3.0
4
CVSSv2
CVE-2012-4401
Moodle 2.2.x prior to 2.2.5 and 2.3.x prior to 2.3.2 allows remote authenticated users to bypass intended capability restrictions and perform certain topic changes by leveraging course-editing capabilities.
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.3
Moodle Moodle 2.2.4
Moodle Moodle 2.2.0
Moodle Moodle 2.3.1
Moodle Moodle 2.3.0
4
CVSSv2
CVE-2012-3388
The is_enrolled function in lib/accesslib.php in Moodle 2.2.x prior to 2.2.4 and 2.3.x prior to 2.3.1 does not properly interact with the caching feature, which might allow remote authenticated users to bypass an intended capability check via unspecified vectors that trigger cach...
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.3
Moodle Moodle 2.2.0
Moodle Moodle 2.3.0
4
CVSSv2
CVE-2012-3391
mod/forum/rsslib.php in Moodle 2.1.x prior to 2.1.7 and 2.2.x prior to 2.2.4 does not properly implement the requirement for posting before reading a Q&A forum, which allows remote authenticated users to bypass intended access restrictions by leveraging the student role and r...
Moodle Moodle 2.2.2
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.5
Moodle Moodle 2.1.6
Moodle Moodle 2.1.3
Moodle Moodle 2.2.1
Moodle Moodle 2.2.3
Moodle Moodle 2.1.4
Moodle Moodle 2.1.0
Moodle Moodle 2.2.0
4
CVSSv2
CVE-2012-3397
lib/modinfolib.php in Moodle 2.0.x prior to 2.0.10, 2.1.x prior to 2.1.7, 2.2.x prior to 2.2.4, and 2.3.x prior to 2.3.1 does not check for a group-membership requirement when determining whether an activity is unavailable or hidden, which allows remote authenticated users to byp...
Moodle Moodle 2.0.2
Moodle Moodle 2.2.2
Moodle Moodle 2.0.1
Moodle Moodle 2.1.2
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 2.1.5
Moodle Moodle 2.1.6
Moodle Moodle 2.0.6
Moodle Moodle 2.0.5
Moodle Moodle 2.1.3
Moodle Moodle 2.0.9
Moodle Moodle 2.2.1
Moodle Moodle 2.2.3
Moodle Moodle 2.0.8
Moodle Moodle 2.0.7
Moodle Moodle 2.1.4
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
Moodle Moodle 2.2.0
Moodle Moodle 2.3.0
4
CVSSv2
CVE-2012-3398
Algorithmic complexity vulnerability in Moodle 1.9.x prior to 1.9.19, 2.0.x prior to 2.0.10, 2.1.x prior to 2.1.7, and 2.2.x prior to 2.2.4 allows remote authenticated users to cause a denial of service (CPU consumption) by using the advanced-search feature on a database activity...
Moodle Moodle 2.0.2
Moodle Moodle 1.9.4
Moodle Moodle 1.9.17
Moodle Moodle 2.2.2
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 2.0.1
Moodle Moodle 1.9.11
Moodle Moodle 2.1.2
Moodle Moodle 2.0.4
Moodle Moodle 1.9.2
Moodle Moodle 1.9.12
Moodle Moodle 1.9.18
Moodle Moodle 1.9.10
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 1.9.16
Moodle Moodle 2.1.5
Moodle Moodle 1.9.3
Moodle Moodle 2.1.6
Moodle Moodle 2.0.6
4
CVSSv2
CVE-2012-2367
Moodle 1.9.x prior to 1.9.18, 2.0.x prior to 2.0.9, 2.1.x prior to 2.1.6, and 2.2.x prior to 2.2.3 allows remote authenticated users to bypass the moodle/calendar:manageownentries capability requirement and add a calendar entry via a New Entry action.
Moodle Moodle 1.9.4
Moodle Moodle 1.9.17
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 1.9.11
Moodle Moodle 1.9.2
Moodle Moodle 1.9.12
Moodle Moodle 1.9.10
Moodle Moodle 1.9.16
Moodle Moodle 1.9.3
Moodle Moodle 1.9.13
Moodle Moodle 1.9.5
Moodle Moodle 1.9.14
Moodle Moodle 1.9.15
Moodle Moodle 1.9.8
Moodle Moodle 1.9.7
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.0.6
4
CVSSv2
CVE-2012-2353
Moodle 2.1.x prior to 2.1.6 and 2.2.x prior to 2.2.3 allows remote authenticated users to obtain sensitive user information from hidden fields by leveraging the teacher role and navigating to "Enrolled users" under the Users Settings section.
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.5
Moodle Moodle 2.1.3
Moodle Moodle 2.1.4
Moodle Moodle 2.1.0
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »