Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 1.7.1 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2007-3555
Cross-site scripting (XSS) vulnerability in index.php in Moodle 1.7.1 allows remote malicious users to inject arbitrary web script or HTML via a style expression in the search parameter, a different vulnerability than CVE-2004-1424.
Moodle Moodle 1.7.1
1 EDB exploit
7.5
CVSSv2
CVE-2007-1429
Multiple PHP remote file inclusion vulnerabilities in Moodle 1.7.1 allow remote malicious users to execute arbitrary PHP code via a URL in the cmd parameter to (1) admin/utfdbmigrate.php or (2) filter.php.
Moodle Moodle 1.7.1
2.6
CVSSv2
CVE-2008-3326
Cross-site scripting (XSS) vulnerability in blog/edit.php in Moodle 1.6.x prior to 1.6.7 and 1.7.x prior to 1.7.5 allows remote malicious users to inject arbitrary web script or HTML via the etitle parameter (blog entry title).
Moodle Moodle 1.6.0
Moodle Moodle 1.6.1
Moodle Moodle 1.6.2
Moodle Moodle 1.7.2
Moodle Moodle 1.7.3
Moodle Moodle 1.6.3
Moodle Moodle 1.6.4
Moodle Moodle 1.7.4
Moodle Moodle 1.6.5
Moodle Moodle 1.6.6
Moodle Moodle 1.7.1
6.4
CVSSv2
CVE-2009-0499
Cross-site request forgery (CSRF) vulnerability in the forum code in Moodle 1.7 prior to 1.7.7, 1.8 prior to 1.8.8, and 1.9 prior to 1.9.4 allows remote malicious users to delete unauthorized forum posts via a link or IMG tag to post.php.
Moodle Moodle 1.7.5
Moodle Moodle 1.7.6
Moodle Moodle 1.8.5
Moodle Moodle 1.9.2
Moodle Moodle 1.9.1
Moodle Moodle 1.7.3
Moodle Moodle 1.7.4
Moodle Moodle 1.8.4
Moodle Moodle 1.8.6
Moodle Moodle 1.7.1
Moodle Moodle 1.7.2
Moodle Moodle 1.8.2
Moodle Moodle 1.8.3
Moodle Moodle 1.9.3
Moodle Moodle 1.8.1
Moodle Moodle 1.8.7
4.3
CVSSv2
CVE-2009-0502
Cross-site scripting (XSS) vulnerability in blocks/html/block_html.php in Snoopy 1.2.3, as used in Moodle 1.6 prior to 1.6.9, 1.7 prior to 1.7.7, 1.8 prior to 1.8.8, and 1.9 prior to 1.9.4, allows remote malicious users to inject arbitrary web script or HTML via an HTML block, wh...
Snoopy Snoopy 1.2.3
Moodle Moodle 1.7.4
Moodle Moodle 1.7.5
Moodle Moodle 1.8.5
Moodle Moodle 1.9.2
Moodle Moodle 1.7.0
Moodle Moodle 1.7.1
Moodle Moodle 1.8.2
Moodle Moodle 1.8.3
Moodle Moodle 1.8.7
Moodle Moodle 1.9.3
Moodle Moodle 1.7.2
Moodle Moodle 1.7.3
Moodle Moodle 1.8.4
Moodle Moodle 1.8.6
Moodle Moodle 1.7.6
Moodle Moodle 1.8.1
Moodle Moodle 1.9.1
4.3
CVSSv2
CVE-2009-0500
Cross-site scripting (XSS) vulnerability in course/lib.php in Moodle 1.6 prior to 1.6.9, 1.7 prior to 1.7.7, 1.8 prior to 1.8.8, and 1.9 prior to 1.9.4 allows remote malicious users to inject arbitrary web script or HTML via crafted log table information that is not properly hand...
Moodle Moodle 1.7.1
Moodle Moodle 1.7.2
Moodle Moodle 1.8.2
Moodle Moodle 1.8.3
Moodle Moodle 1.8.7
Moodle Moodle 1.9.3
Moodle Moodle 1.6.6
Moodle Moodle 1.6.8
Moodle Moodle 1.7.3
Moodle Moodle 1.7.4
Moodle Moodle 1.8.4
Moodle Moodle 1.8.6
Moodle Moodle 1.6.7
Moodle Moodle 1.6.3
Moodle Moodle 1.6.5
Moodle Moodle 1.7.5
Moodle Moodle 1.7.6
Moodle Moodle 1.8.5
Moodle Moodle 1.9.2
Moodle Moodle 1.6.0
Moodle Moodle 1.6.4
Moodle Moodle 1.8.1
4.3
CVSSv2
CVE-2009-1171
The TeX filter in Moodle 1.6 prior to 1.6.9+, 1.7 prior to 1.7.7+, 1.8 prior to 1.8.9, and 1.9 prior to 1.9.5 allows user-assisted malicious users to read arbitrary files via an input command in a "$$" sequence, which causes LaTeX to include the contents of the file.
Moodle Moodle 1.6.4
Moodle Moodle 1.6.1
Moodle Moodle 1.7.1
Moodle Moodle 1.8.5
Moodle Moodle 1.8.4
Moodle Moodle 1.9.3
Moodle Moodle 1.6.7
Moodle Moodle 1.6.8
Moodle Moodle 1.7.6
Moodle Moodle 1.8.2
Moodle Moodle 1.8.1
Moodle Moodle 1.8.8
Moodle Moodle 1.9.4
Moodle Moodle 1.6.3
Moodle Moodle 1.6.5
Moodle Moodle 1.6.0
Moodle Moodle 1.7.4
Moodle Moodle 1.7.5
Moodle Moodle 1.8.3
Moodle Moodle 1.8.6
Moodle Moodle 1.9.2
Moodle Moodle 1.9.1
1 EDB exploit
4.3
CVSSv2
CVE-2008-5432
Cross-site scripting (XSS) vulnerability in Moodle prior to 1.6.8, 1.7 prior to 1.7.6, 1.8 prior to 1.8.7, and 1.9 prior to 1.9.3 allows remote malicious users to inject arbitrary web script or HTML via a Wiki page name (aka page title).
Moodle Moodle 1.6.6
Moodle Moodle 1.6.5
Moodle Moodle 1.5
Moodle Moodle 1.4.5
Moodle Moodle 1.3.2
Moodle Moodle 1.3.1
Moodle Moodle 1.7.4
Moodle Moodle 1.7.3
Moodle Moodle 1.8.4
Moodle Moodle 1.8.5
Moodle Moodle 1.6.4
Moodle Moodle 1.6.3
Moodle Moodle 1.4.4
Moodle Moodle 1.4.3
Moodle Moodle 1.3.0
Moodle Moodle 1.2.1
Moodle Moodle 1.7.2
Moodle Moodle 1.7.1
Moodle Moodle 1.8.6
Moodle Moodle 1.9.0
Moodle Moodle 1.6.1
Moodle Moodle 1.6.0
4.3
CVSSv2
CVE-2008-1502
The _bad_protocol_once function in phpgwapi/inc/class.kses.inc.php in KSES, as used in eGroupWare prior to 1.4.003, Moodle prior to 1.8.5, and other products, allows remote malicious users to bypass HTML filtering and conduct cross-site scripting (XSS) attacks via a string contai...
Moodle Moodle 1.8.1
Moodle Moodle 1.6.7
Moodle Moodle 1.5.0
Moodle Moodle 1.5.3
Moodle Moodle 1.4.2
Moodle Moodle 1.4.1
Moodle Moodle 1.2.0
Moodle Moodle 1.1.1
Moodle Moodle
Moodle Moodle 1.7.4
Moodle Moodle 1.7.3
Moodle Moodle 1.6.4
Moodle Moodle 1.6.3
Moodle Moodle 1.6.2
Moodle Moodle 1.5
Moodle Moodle 1.4.5
Moodle Moodle 1.3.2
Moodle Moodle 1.3.1
Egroupware Egroupware 1.0.3
Egroupware Egroupware 1.0.1
Moodle Moodle 1.7.6
Moodle Moodle 1.7.5
4.3
CVSSv2
CVE-2010-2228
Cross-site scripting (XSS) vulnerability in the MNET access-control interface in Moodle prior to 1.8.13 and 1.9.x prior to 1.9.9 allows remote malicious users to inject arbitrary web script or HTML via vectors involving extended characters in a username.
Moodle Moodle 1.1.1
Moodle Moodle 1.2.0
Moodle Moodle 1.4.1
Moodle Moodle 1.4.2
Moodle Moodle 1.5.3
Moodle Moodle 1.5.0
Moodle Moodle 1.6.7
Moodle Moodle 1.6.8
Moodle Moodle 1.2.1
Moodle Moodle 1.3.0
Moodle Moodle 1.4.3
Moodle Moodle 1.4.4
Moodle Moodle 1.6.0
Moodle Moodle 1.6.1
Moodle Moodle 1.7.1
Moodle Moodle 1.8.1
Moodle Moodle 1.8.2
Moodle Moodle 1.8.9
Moodle Moodle 1.8.10
Moodle Moodle 1.3.1
Moodle Moodle 1.3.2
Moodle Moodle 1.4.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »