Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.1.0 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2012-0801
lib/formslib.php in Moodle 2.1.x prior to 2.1.4 and 2.2.x prior to 2.2.1 does not properly handle multiple instances of a form element, which has unspecified impact and remote attack vectors.
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.3
Moodle Moodle 2.1.0
Moodle Moodle 2.2.0
668
VMScore
CVE-2008-4810
The _expand_quoted_text function in libs/Smarty_Compiler.class.php in Smarty 2.6.20 before r2797 allows remote malicious users to execute arbitrary PHP code via vectors related to templates and (1) a dollar-sign character, aka "php executed in templates;" and (2) a doub...
Smarty Smarty 2.6.0
Smarty Smarty 2.4.0
Smarty Smarty 2.3.1
Smarty Smarty 1.5.1
Smarty Smarty 1.5.0
Smarty Smarty 1.4.0
Smarty Smarty 1.2.0
Smarty Smarty 1.1.0
Smarty Smarty 1.0b
Smarty Smarty 2.6.7
Smarty Smarty 2.6.9
Smarty Smarty 2.6.11
Smarty Smarty 2.6.12
Smarty Smarty 2.5.0
Smarty Smarty 2.3.0
Smarty Smarty 2.2.0
Smarty Smarty 2.1.1
Smarty Smarty 1.4.6
Smarty Smarty 1.4.5
Smarty Smarty 1.3.2
Smarty Smarty 1.0a
Smarty Smarty 1.0
668
VMScore
CVE-2008-4811
The _expand_quoted_text function in libs/Smarty_Compiler.class.php in Smarty 2.6.20 r2797 and previous versions allows remote malicious users to execute arbitrary PHP code via vectors related to templates and a \ (backslash) before a dollar-sign character.
Smarty Smarty 2.6.14
Smarty Smarty 2.6.15
Smarty Smarty 2.6.16
Smarty Smarty 2.4.2
Smarty Smarty 2.4.1
Smarty Smarty 2.0.1
Smarty Smarty 2.0.0
Smarty Smarty 1.4.3
Smarty Smarty 1.4.2
Smarty Smarty 1.4.1
Smarty Smarty 1.2.2
Smarty Smarty 1.2.1
Smarty Smarty 2.6.10
Smarty Smarty 2.6.17
Smarty Smarty 2.6.6
Smarty Smarty 2.6.0
Smarty Smarty 2.4.0
Smarty Smarty 2.3.1
Smarty Smarty 1.5.2
Smarty Smarty 1.5.1
Smarty Smarty 1.4.0
Smarty Smarty 1.2.0
605
VMScore
CVE-2014-0214
login/token.php in Moodle up to and including 2.3.11, 2.4.x prior to 2.4.10, 2.5.x prior to 2.5.6, and 2.6.x prior to 2.6.3 creates a MoodleMobile web-service token with an infinite lifetime, which makes it easier for remote malicious users to hijack sessions via a brute-force at...
Moodle Moodle 2.0.6
Moodle Moodle 2.0.7
Moodle Moodle 2.0.8
Moodle Moodle 2.0.9
Moodle Moodle 2.2.10
Moodle Moodle 2.2.11
Moodle Moodle 2.2.2
Moodle Moodle 2.2.3
Moodle Moodle 2.3.5
Moodle Moodle 2.3.6
Moodle Moodle 2.3.7
Moodle Moodle 2.3.8
Moodle Moodle 2.5.1
Moodle Moodle 2.5.2
Moodle Moodle 2.5.3
Moodle Moodle 2.5.4
Moodle Moodle 2.5.5
Moodle Moodle 2.0.2
Moodle Moodle 2.0.4
Moodle Moodle 2.1.1
Moodle Moodle 2.1.2
Moodle Moodle 2.1.9
605
VMScore
CVE-2014-0213
Multiple cross-site request forgery (CSRF) vulnerabilities in mod/assign/locallib.php in the Assignment subsystem in Moodle up to and including 2.3.11, 2.4.x prior to 2.4.10, 2.5.x prior to 2.5.6, and 2.6.x prior to 2.6.3 allow remote malicious users to hijack the authentication ...
Moodle Moodle 2.0.8
Moodle Moodle 2.0.9
Moodle Moodle 2.1.0
Moodle Moodle 2.1.1
Moodle Moodle 2.2.2
Moodle Moodle 2.2.3
Moodle Moodle 2.2.4
Moodle Moodle 2.2.5
Moodle Moodle 2.3.7
Moodle Moodle 2.3.8
Moodle Moodle 2.3.9
Moodle Moodle 2.4.0
Moodle Moodle 2.5.3
Moodle Moodle 2.5.4
Moodle Moodle 2.5.5
Moodle Moodle 2.6.0
Moodle Moodle 2.0.5
Moodle Moodle 2.0.7
Moodle Moodle 2.1.10
Moodle Moodle 2.1.3
Moodle Moodle 2.2.0
Moodle Moodle 2.2.10
605
VMScore
CVE-2014-0126
Cross-site request forgery (CSRF) vulnerability in enrol/imsenterprise/importnow.php in Moodle up to and including 2.3.11, 2.4.x prior to 2.4.9, 2.5.x prior to 2.5.5, and 2.6.x prior to 2.6.2 allows remote malicious users to hijack the authentication of administrators for request...
Moodle Moodle 2.0.1
Moodle Moodle 2.0.8
Moodle Moodle 2.1.0
Moodle Moodle 2.1.4
Moodle Moodle 2.1.6
Moodle Moodle 2.2.11
Moodle Moodle 2.2.3
Moodle Moodle 2.6.0
Moodle Moodle 2.5.0
Moodle Moodle 2.4.0
Moodle Moodle 2.4.2
Moodle Moodle 2.3.0
Moodle Moodle 2.3.10
Moodle Moodle 2.3.7
Moodle Moodle 2.3.9
Moodle Moodle 2.0.3
Moodle Moodle 2.0.4
Moodle Moodle 2.0.5
Moodle Moodle 2.0.6
Moodle Moodle 2.1.8
Moodle Moodle 2.1.9
Moodle Moodle 2.2.0
605
VMScore
CVE-2014-0010
Multiple cross-site request forgery (CSRF) vulnerabilities in user/profile/index.php in Moodle up to and including 2.2.11, 2.3.x prior to 2.3.11, 2.4.x prior to 2.4.8, 2.5.x prior to 2.5.4, and 2.6.x prior to 2.6.1 allow remote malicious users to hijack the authentication of admi...
Moodle Moodle 2.4.2
Moodle Moodle 2.4.4
Moodle Moodle 2.4.6
Moodle Moodle 2.4.7
Moodle Moodle 2.4.0
Moodle Moodle 2.4.1
Moodle Moodle 2.4.3
Moodle Moodle 2.4.5
Fedoraproject Fedora 20
Fedoraproject Fedora 19
Moodle Moodle 2.6.0
Moodle Moodle 2.5.1
Moodle Moodle 2.5.2
Moodle Moodle 2.5.3
Moodle Moodle 2.5.0
Moodle Moodle 2.0.1
Moodle Moodle 2.0.3
Moodle Moodle 2.0.8
Moodle Moodle 2.1.0
Moodle Moodle 2.1.6
Moodle Moodle 2.1.8
Moodle Moodle 2.2.3
605
VMScore
CVE-2013-4524
Directory traversal vulnerability in repository/filesystem/lib.php in Moodle up to and including 2.2.11, 2.3.x prior to 2.3.10, 2.4.x prior to 2.4.7, and 2.5.x prior to 2.5.3 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a path.
Moodle Moodle 2.5.1
Moodle Moodle 2.4.2
Moodle Moodle 2.4.4
Moodle Moodle 2.3.4
Moodle Moodle 2.3.6
Moodle Moodle 2.2.5
Moodle Moodle 2.2.3
Moodle Moodle 2.2.0
Moodle Moodle 2.1.8
Moodle Moodle 2.1.10
Moodle Moodle 2.1.0
Moodle Moodle 2.0.3
Moodle Moodle 2.0.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.4
Moodle Moodle 1.9.14
Moodle Moodle 1.9.12
Moodle Moodle 1.8.7
Moodle Moodle 1.8.5
Moodle Moodle 1.8.13
Moodle Moodle 1.8.11
Moodle Moodle 1.7.3
605
VMScore
CVE-2011-4587
lib/moodlelib.php in Moodle 1.9.x prior to 1.9.15, 2.0.x prior to 2.0.6, and 2.1.x prior to 2.1.3 does not properly handle certain zero values in the password policy, which makes it easier for remote malicious users to obtain access by leveraging the possible existence of user ac...
Moodle Moodle 2.0.2
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 2.0.1
Moodle Moodle 1.9.11
Moodle Moodle 2.1.2
Moodle Moodle 2.0.4
Moodle Moodle 1.9.2
Moodle Moodle 1.9.12
Moodle Moodle 1.9.10
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 1.9.3
Moodle Moodle 2.0.5
Moodle Moodle 1.9.13
Moodle Moodle 1.9.5
Moodle Moodle 1.9.14
Moodle Moodle 1.9.8
Moodle Moodle 1.9.7
Moodle Moodle 2.0.0
605
VMScore
CVE-2011-4298
Multiple cross-site request forgery (CSRF) vulnerabilities in mod/wiki/ components in Moodle 2.0.x prior to 2.0.5 and 2.1.x prior to 2.1.2 allow remote malicious users to hijack the authentication of arbitrary users for requests that modify wiki data.
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 2.0.0
Moodle Moodle 2.1.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »