Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.7.0 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2014-3547
Multiple cross-site scripting (XSS) vulnerabilities in badges/renderer.php in Moodle 2.5.x prior to 2.5.7, 2.6.x prior to 2.6.4, and 2.7.x prior to 2.7.1 allow remote malicious users to inject arbitrary web script or HTML via an external badge.
Moodle Moodle 2.5.0
Moodle Moodle 2.5.1
Moodle Moodle 2.5.2
Moodle Moodle 2.5.3
Moodle Moodle 2.5.4
Moodle Moodle 2.6.3
Moodle Moodle 2.6.0
Moodle Moodle 2.6.2
Moodle Moodle 2.5.6
Moodle Moodle 2.6.1
Moodle Moodle 2.7.0
Moodle Moodle 2.5.5
4.3
CVSSv2
CVE-2014-3548
Multiple cross-site scripting (XSS) vulnerabilities in Moodle up to and including 2.3.11, 2.4.x prior to 2.4.11, 2.5.x prior to 2.5.7, 2.6.x prior to 2.6.4, and 2.7.x prior to 2.7.1 allow remote malicious users to inject arbitrary web script or HTML via vectors that trigger an AJ...
Moodle Moodle 2.5.6
Moodle Moodle 2.5.0
Moodle Moodle 2.5.1
Moodle Moodle 2.5.2
Moodle Moodle 2.4.8
Moodle Moodle 2.4.9
Moodle Moodle 2.6.2
Moodle Moodle 2.6.1
Moodle Moodle 2.3.10
Moodle Moodle
Moodle Moodle 2.3.2
Moodle Moodle 2.3.3
Moodle Moodle 2.4.10
Moodle Moodle 2.4.0
Moodle Moodle 2.4.1
Moodle Moodle 2.4.2
Moodle Moodle 2.4.3
Moodle Moodle 2.3.1
Moodle Moodle 2.3.4
Moodle Moodle 2.3.6
Moodle Moodle 2.5.4
Moodle Moodle 2.7.0
4.3
CVSSv2
CVE-2014-3549
Cross-site scripting (XSS) vulnerability in the get_description function in lib/classes/event/user_login_failed.php in Moodle 2.7.x prior to 2.7.1 allows remote malicious users to inject arbitrary web script or HTML via a crafted username that is improperly handled during the log...
Moodle Moodle 2.7.0
4.3
CVSSv2
CVE-2014-3550
Multiple cross-site scripting (XSS) vulnerabilities in admin/tool/task/scheduledtasks.php in Moodle 2.7.x prior to 2.7.1 allow remote malicious users to inject arbitrary web script or HTML via vectors that trigger a crafted (1) error or (2) success message for a scheduled task.
Moodle Moodle 2.7.0
3.5
CVSSv2
CVE-2014-3551
Multiple cross-site scripting (XSS) vulnerabilities in the advanced-grading implementation in Moodle up to and including 2.3.11, 2.4.x prior to 2.4.11, 2.5.x prior to 2.5.7, 2.6.x prior to 2.6.4, and 2.7.x prior to 2.7.1 allow remote authenticated users to inject arbitrary web sc...
Moodle Moodle 2.5.6
Moodle Moodle 2.5.0
Moodle Moodle 2.5.1
Moodle Moodle 2.5.2
Moodle Moodle 2.5.3
Moodle Moodle 2.5.4
Moodle Moodle 2.5.5
Moodle Moodle 2.3.1
Moodle Moodle 2.3.4
Moodle Moodle 2.3.6
Moodle Moodle 2.3.8
Moodle Moodle 2.3.9
Moodle Moodle 2.3.10
Moodle Moodle
Moodle Moodle 2.3.2
Moodle Moodle 2.3.3
Moodle Moodle 2.3.0
Moodle Moodle 2.3.5
Moodle Moodle 2.3.7
Moodle Moodle 2.7.0
Moodle Moodle 2.6.3
Moodle Moodle 2.6.1
1 Github repository
4.9
CVSSv2
CVE-2014-3553
mod/forum/classes/post_form.php in Moodle up to and including 2.3.11, 2.4.x prior to 2.4.11, 2.5.x prior to 2.5.7, 2.6.x prior to 2.6.4, and 2.7.x prior to 2.7.1 does not enforce the moodle/site:accessallgroups capability requirement before proceeding with a post to all groups, w...
Moodle Moodle 2.5.1
Moodle Moodle 2.5.2
Moodle Moodle 2.5.3
Moodle Moodle 2.5.4
Moodle Moodle 2.5.0
Moodle Moodle 2.5.5
Moodle Moodle 2.5.6
Moodle Moodle 2.7.0
Moodle Moodle 2.3.7
Moodle Moodle 2.3.8
Moodle Moodle 2.3.9
Moodle Moodle 2.3.0
Moodle Moodle 2.3.1
Moodle Moodle 2.3.10
Moodle Moodle
Moodle Moodle 2.3.3
Moodle Moodle 2.3.5
Moodle Moodle 2.3.2
Moodle Moodle 2.3.4
Moodle Moodle 2.3.6
Moodle Moodle 2.4.3
Moodle Moodle 2.4.4
4.3
CVSSv2
CVE-2010-4207
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.4.0 up to and including 2.8.1, as used in Bugzilla, Moodle, and other products, allows remote malicious users to inject arbitrary web script or HTML via vectors related to charts/assets/charts...
Yahoo Yui 2.7.0
Yahoo Yui 2.8.0
Yahoo Yui 2.4.0
Yahoo Yui 2.8.1
Yahoo Yui 2.5.2
Yahoo Yui 2.6.0
Yahoo Yui 2.5.0
Yahoo Yui 2.5.1
4.3
CVSSv2
CVE-2010-4208
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.5.0 up to and including 2.8.1, as used in Bugzilla, Moodle, and other products, allows remote malicious users to inject arbitrary web script or HTML via vectors related to uploader/assets/uplo...
Yahoo Yui 2.5.1
Yahoo Yui 2.5.2
Yahoo Yui 2.8.1
Yahoo Yui 2.5.0
Yahoo Yui 2.8.0
Yahoo Yui 2.6.0
Yahoo Yui 2.7.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9