Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 3.2.2 vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2017-7298
In Moodle 3.2.2+, there is XSS in the Course summary filter of the "Add a new course" page, as demonstrated by a crafted attribute of an SVG element.
Moodle Moodle 3.2.2
5.4
CVSSv3
CVE-2018-1045
In Moodle 3.x, there is XSS via a calendar event name.
Moodle Moodle 3.2.3
Moodle Moodle 3.2.5
Moodle Moodle 3.3.3
Moodle Moodle
Moodle Moodle 3.2.0
Moodle Moodle 3.2.1
Moodle Moodle 3.2.6
Moodle Moodle 3.3.0
Moodle Moodle 3.3.1
Moodle Moodle 3.3.2
Moodle Moodle 3.2.2
Moodle Moodle 3.2.4
6.5
CVSSv3
CVE-2018-1043
In Moodle 3.x, the setting for blocked hosts list can be bypassed with multiple A record hostnames.
Moodle Moodle 3.2.6
Moodle Moodle 3.3.1
Moodle Moodle 3.3.2
Moodle Moodle 3.3.3
Moodle Moodle 3.4.0
Moodle Moodle 3.2.1
Moodle Moodle 3.2.2
Moodle Moodle 3.2.3
Moodle Moodle 3.2.4
Moodle Moodle 3.2.0
Moodle Moodle 3.2.5
Moodle Moodle 3.3.0
6.5
CVSSv3
CVE-2018-1042
Moodle 3.x has Server Side Request Forgery in the filepicker.
Moodle Moodle 3.2.2
Moodle Moodle 3.2.4
Moodle Moodle 3.4.0
Moodle Moodle 3.2.6
Moodle Moodle 3.3.0
Moodle Moodle 3.3.1
Moodle Moodle 3.3.2
Moodle Moodle
Moodle Moodle 3.2.0
Moodle Moodle 3.2.1
Moodle Moodle 3.2.3
Moodle Moodle 3.2.5
Moodle Moodle 3.3.3
1 EDB exploit
1 Github repository
4.3
CVSSv3
CVE-2018-1044
In Moodle 3.x, quiz web services allow students to see quiz results when it is prohibited in the settings.
Moodle Moodle
Moodle Moodle 3.2.1
Moodle Moodle 3.2.3
Moodle Moodle 3.3.1
Moodle Moodle 3.3.3
Moodle Moodle 3.2.4
Moodle Moodle 3.2.5
Moodle Moodle 3.2.6
Moodle Moodle 3.3.0
Moodle Moodle 3.2.0
Moodle Moodle 3.2.2
Moodle Moodle 3.3.2
Moodle Moodle 3.4.0
6.5
CVSSv3
CVE-2017-2642
Moodle 3.x has user fullname disclosure on the user preferences page.
Moodle Moodle 3.2.3
Moodle Moodle 3.1.6
Moodle Moodle 3.1.5
Moodle Moodle 3.1.4
Moodle Moodle 3.3.0
Moodle Moodle 3.2.0
Moodle Moodle 3.2.2
Moodle Moodle 3.1.3
Moodle Moodle 3.1.1
Moodle Moodle 3.1.0
Moodle Moodle 3.3.1
Moodle Moodle 3.2.1
Moodle Moodle 3.1.2
6.5
CVSSv3
CVE-2017-7532
In Moodle 3.x, course creators are able to change system default settings for courses.
Moodle Moodle 3.3.1
Moodle Moodle 3.2.0
Moodle Moodle 3.1.3
Moodle Moodle 3.2.3
Moodle Moodle 3.1.6
Moodle Moodle 3.1.0
Moodle Moodle 3.3.0
Moodle Moodle 3.2.1
Moodle Moodle 3.2.2
Moodle Moodle 3.1.1
Moodle Moodle 3.1.2
Moodle Moodle 3.1.5
Moodle Moodle 3.1.4
4.3
CVSSv3
CVE-2017-12157
In Moodle 3.x, various course reports allow teachers to view details about users in the groups they can't access.
Moodle Moodle 3.3.0
Moodle Moodle 3.2.0
Moodle Moodle 3.2.1
Moodle Moodle 3.1.0
Moodle Moodle 3.1.2
Moodle Moodle 3.0.0
Moodle Moodle 3.0.3
Moodle Moodle 3.0.5
Moodle Moodle 3.3.1
Moodle Moodle 3.2.3
Moodle Moodle 3.2.4
Moodle Moodle 3.0.1
Moodle Moodle 3.0.2
Moodle Moodle 3.1.3
Moodle Moodle 3.1.4
Moodle Moodle 3.1.5
Moodle Moodle 3.1.6
Moodle Moodle 3.1.7
Moodle Moodle 3.0.7
Moodle Moodle 3.0.8
Moodle Moodle 3.0.9
Moodle Moodle 3.0.10
6.1
CVSSv3
CVE-2017-12156
Moodle 3.x has XSS in the contact form on the "non-respondents" page in non-anonymous feedback.
Moodle Moodle 3.3.2
Moodle Moodle 3.2.0
Moodle Moodle 3.1.1
Moodle Moodle 3.1.2
Moodle Moodle 3.1.3
Moodle Moodle 3.1.4
Moodle Moodle 3.0.3
Moodle Moodle 3.0.4
Moodle Moodle 3.0.5
Moodle Moodle 3.0.6
Moodle Moodle 3.3.0
Moodle Moodle 3.2.5
Moodle Moodle 3.1.0
Moodle Moodle 3.1.5
Moodle Moodle 3.1.7
Moodle Moodle 3.0.0
Moodle Moodle 3.0.2
Moodle Moodle 3.0.7
Moodle Moodle 3.0.9
Moodle Moodle 3.2.1
Moodle Moodle 3.2.2
Moodle Moodle 3.2.3
4.3
CVSSv3
CVE-2017-7491
In Moodle 2.x and 3.x, a CSRF attack is possible that allows malicious users to change the "number of courses displayed in the course overview block" configuration setting.
Moodle Moodle 2.7.1
Moodle Moodle 2.7.2
Moodle Moodle 2.7.3
Moodle Moodle 2.7.4
Moodle Moodle 2.7.17
Moodle Moodle 2.7.18
Moodle Moodle 3.0.0
Moodle Moodle 3.1.0
Moodle Moodle 3.1.1
Moodle Moodle 3.2.2
Moodle Moodle 2.7.0
Moodle Moodle 2.7.5
Moodle Moodle 2.7.7
Moodle Moodle 2.7.14
Moodle Moodle 2.7.16
Moodle Moodle 2.7.9
Moodle Moodle 2.7.10
Moodle Moodle 2.7.11
Moodle Moodle 2.7.12
Moodle Moodle 3.0.2
Moodle Moodle 3.0.3
Moodle Moodle 3.0.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »