Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.1.2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-4582
Open redirect vulnerability in the Calendar set page in Moodle 2.1.x prior to 2.1.3 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a redirection URL.
Moodle Moodle 2.1.0
Moodle Moodle 2.1.1
Moodle Moodle 2.1.2
NA
CVE-2012-0798
The self-enrolment functionality in Moodle 2.1.x prior to 2.1.4 and 2.2.x prior to 2.2.1 allows remote authenticated users to obtain the manager role by leveraging the teacher role.
Moodle Moodle 2.1.0
Moodle Moodle 2.1.2
Moodle Moodle 2.2.0
Moodle Moodle 2.1.1
Moodle Moodle 2.1.3
NA
CVE-2012-0801
lib/formslib.php in Moodle 2.1.x prior to 2.1.4 and 2.2.x prior to 2.2.1 does not properly handle multiple instances of a form element, which has unspecified impact and remote attack vectors.
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.3
Moodle Moodle 2.1.0
Moodle Moodle 2.2.0
NA
CVE-2012-2353
Moodle 2.1.x prior to 2.1.6 and 2.2.x prior to 2.2.3 allows remote authenticated users to obtain sensitive user information from hidden fields by leveraging the teacher role and navigating to "Enrolled users" under the Users Settings section.
Moodle Moodle 2.1.0
Moodle Moodle 2.1.5
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.1.3
Moodle Moodle 2.1.1
Moodle Moodle 2.2.0
Moodle Moodle 2.2.1
Moodle Moodle 2.2.2
NA
CVE-2012-2354
Moodle 2.1.x prior to 2.1.6 and 2.2.x prior to 2.2.3 allows remote authenticated users to bypass the moodle/site:readallmessages capability requirement and read arbitrary messages by using the "Recent conversations" feature with a modified parameter in a URL.
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.5
Moodle Moodle 2.1.3
Moodle Moodle 2.1.4
Moodle Moodle 2.1.0
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.0
NA
CVE-2012-2355
Moodle 2.1.x prior to 2.1.6 and 2.2.x prior to 2.2.3 allows remote authenticated users to bypass question:use* capability requirements and add arbitrary questions to a quiz via the questions feature.
Moodle Moodle 2.1.2
Moodle Moodle 2.1.3
Moodle Moodle 2.1.5
Moodle Moodle 2.1.4
Moodle Moodle 2.1.1
Moodle Moodle 2.1.0
Moodle Moodle 2.2.1
Moodle Moodle 2.2.0
Moodle Moodle 2.2.2
NA
CVE-2012-2356
The question-bank functionality in Moodle 2.1.x prior to 2.1.6 and 2.2.x prior to 2.2.3 allows remote authenticated users to bypass intended capability requirements and save questions via a save_question action.
Moodle Moodle 2.1.1
Moodle Moodle 2.1.3
Moodle Moodle 2.1.0
Moodle Moodle 2.1.5
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.2.0
Moodle Moodle 2.2.1
Moodle Moodle 2.2.2
NA
CVE-2012-2366
mod/data/preset.php in Moodle 2.1.x prior to 2.1.6 and 2.2.x prior to 2.2.3 does not properly iterate through an array, which allows remote authenticated users to overwrite arbitrary database activity presets via unspecified vectors.
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.0
Moodle Moodle 2.1.4
Moodle Moodle 2.1.3
Moodle Moodle 2.1.5
Moodle Moodle 2.2.0
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
NA
CVE-2012-2357
The Multi-Authentication feature in the Central Authentication Service (CAS) functionality in auth/cas/cas_form.html in Moodle 2.1.x prior to 2.1.6 and 2.2.x prior to 2.2.3 does not use HTTPS, which allows remote malicious users to obtain credentials by sniffing the network.
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.5
Moodle Moodle 2.1.3
Moodle Moodle 2.1.4
Moodle Moodle 2.1.0
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.0
NA
CVE-2011-4581
mod/wiki/pagelib.php in Moodle 2.0.x prior to 2.0.6 and 2.1.x prior to 2.1.3 allows remote authenticated users to discover the username of a wiki creator by visiting the history and deletion user interface.
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.0.5
Moodle Moodle 2.0.0
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »