Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.3.0 vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2012-3387
Moodle 2.3.x prior to 2.3.1 uses only a client-side check for whether references are permitted in a file upload, which allows remote authenticated users to bypass intended alias (aka shortcut) restrictions via a client that omits this check.
Moodle Moodle 2.3.0
4.3
CVSSv2
CVE-2012-3389
Multiple cross-site scripting (XSS) vulnerabilities in mod/lti/typessettings.php in Moodle 2.2.x prior to 2.2.4 and 2.3.x prior to 2.3.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) lti_typename or (2) lti_toolurl parameter.
Moodle Moodle 2.2.3
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.0
Moodle Moodle 2.3.0
4
CVSSv2
CVE-2012-3397
lib/modinfolib.php in Moodle 2.0.x prior to 2.0.10, 2.1.x prior to 2.1.7, 2.2.x prior to 2.2.4, and 2.3.x prior to 2.3.1 does not check for a group-membership requirement when determining whether an activity is unavailable or hidden, which allows remote authenticated users to byp...
Moodle Moodle 2.0.1
Moodle Moodle 2.0.7
Moodle Moodle 2.1.6
Moodle Moodle 2.1.1
Moodle Moodle 2.1.3
Moodle Moodle 2.0.4
Moodle Moodle 2.0.6
Moodle Moodle 2.0.5
Moodle Moodle 2.1.0
Moodle Moodle 2.2.3
Moodle Moodle 2.0.9
Moodle Moodle 2.0.8
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.2.0
Moodle Moodle 2.3.0
Moodle Moodle 2.0.3
Moodle Moodle 2.0.2
Moodle Moodle 2.0.0
Moodle Moodle 2.1.5
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
7.5
CVSSv2
CVE-2008-4810
The _expand_quoted_text function in libs/Smarty_Compiler.class.php in Smarty 2.6.20 before r2797 allows remote malicious users to execute arbitrary PHP code via vectors related to templates and (1) a dollar-sign character, aka "php executed in templates;" and (2) a doub...
Smarty Smarty 2.6.0
Smarty Smarty 2.4.0
Smarty Smarty 2.3.1
Smarty Smarty 1.5.1
Smarty Smarty 1.5.0
Smarty Smarty 1.4.0
Smarty Smarty 1.2.0
Smarty Smarty 1.1.0
Smarty Smarty 1.0b
Smarty Smarty 2.6.7
Smarty Smarty 2.6.9
Smarty Smarty 2.6.11
Smarty Smarty 2.6.12
Smarty Smarty 2.5.0
Smarty Smarty 2.3.0
Smarty Smarty 2.2.0
Smarty Smarty 2.1.1
Smarty Smarty 1.4.6
Smarty Smarty 1.4.5
Smarty Smarty 1.3.2
Smarty Smarty 1.0a
Smarty Smarty 1.0
7.5
CVSSv2
CVE-2008-4811
The _expand_quoted_text function in libs/Smarty_Compiler.class.php in Smarty 2.6.20 r2797 and previous versions allows remote malicious users to execute arbitrary PHP code via vectors related to templates and a \ (backslash) before a dollar-sign character.
Smarty Smarty 2.6.14
Smarty Smarty 2.6.15
Smarty Smarty 2.6.16
Smarty Smarty 2.4.2
Smarty Smarty 2.4.1
Smarty Smarty 2.0.1
Smarty Smarty 2.0.0
Smarty Smarty 1.4.3
Smarty Smarty 1.4.2
Smarty Smarty 1.4.1
Smarty Smarty 1.2.2
Smarty Smarty 1.2.1
Smarty Smarty 2.6.10
Smarty Smarty 2.6.17
Smarty Smarty 2.6.6
Smarty Smarty 2.6.0
Smarty Smarty 2.4.0
Smarty Smarty 2.3.1
Smarty Smarty 1.5.2
Smarty Smarty 1.5.1
Smarty Smarty 1.4.0
Smarty Smarty 1.2.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9