Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.1.3 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2012-0801
lib/formslib.php in Moodle 2.1.x prior to 2.1.4 and 2.2.x prior to 2.2.1 does not properly handle multiple instances of a form element, which has unspecified impact and remote attack vectors.
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.3
Moodle Moodle 2.1.0
Moodle Moodle 2.2.0
605
VMScore
CVE-2014-0213
Multiple cross-site request forgery (CSRF) vulnerabilities in mod/assign/locallib.php in the Assignment subsystem in Moodle up to and including 2.3.11, 2.4.x prior to 2.4.10, 2.5.x prior to 2.5.6, and 2.6.x prior to 2.6.3 allow remote malicious users to hijack the authentication ...
Moodle Moodle 2.0.8
Moodle Moodle 2.0.9
Moodle Moodle 2.1.0
Moodle Moodle 2.1.1
Moodle Moodle 2.2.2
Moodle Moodle 2.2.3
Moodle Moodle 2.2.4
Moodle Moodle 2.2.5
Moodle Moodle 2.3.7
Moodle Moodle 2.3.8
Moodle Moodle 2.3.9
Moodle Moodle 2.4.0
Moodle Moodle 2.5.3
Moodle Moodle 2.5.4
Moodle Moodle 2.5.5
Moodle Moodle 2.6.0
Moodle Moodle 2.0.5
Moodle Moodle 2.0.7
Moodle Moodle 2.1.10
Moodle Moodle 2.1.3
Moodle Moodle 2.2.0
Moodle Moodle 2.2.10
605
VMScore
CVE-2014-0214
login/token.php in Moodle up to and including 2.3.11, 2.4.x prior to 2.4.10, 2.5.x prior to 2.5.6, and 2.6.x prior to 2.6.3 creates a MoodleMobile web-service token with an infinite lifetime, which makes it easier for remote malicious users to hijack sessions via a brute-force at...
Moodle Moodle 2.0.6
Moodle Moodle 2.0.7
Moodle Moodle 2.0.8
Moodle Moodle 2.0.9
Moodle Moodle 2.2.10
Moodle Moodle 2.2.11
Moodle Moodle 2.2.2
Moodle Moodle 2.2.3
Moodle Moodle 2.3.5
Moodle Moodle 2.3.6
Moodle Moodle 2.3.7
Moodle Moodle 2.3.8
Moodle Moodle 2.5.1
Moodle Moodle 2.5.2
Moodle Moodle 2.5.3
Moodle Moodle 2.5.4
Moodle Moodle 2.5.5
Moodle Moodle 2.0.2
Moodle Moodle 2.0.4
Moodle Moodle 2.1.1
Moodle Moodle 2.1.2
Moodle Moodle 2.1.9
605
VMScore
CVE-2014-0126
Cross-site request forgery (CSRF) vulnerability in enrol/imsenterprise/importnow.php in Moodle up to and including 2.3.11, 2.4.x prior to 2.4.9, 2.5.x prior to 2.5.5, and 2.6.x prior to 2.6.2 allows remote malicious users to hijack the authentication of administrators for request...
Moodle Moodle 2.0.1
Moodle Moodle 2.0.8
Moodle Moodle 2.1.0
Moodle Moodle 2.1.4
Moodle Moodle 2.1.6
Moodle Moodle 2.2.11
Moodle Moodle 2.2.3
Moodle Moodle 2.6.0
Moodle Moodle 2.5.0
Moodle Moodle 2.4.0
Moodle Moodle 2.4.2
Moodle Moodle 2.3.0
Moodle Moodle 2.3.10
Moodle Moodle 2.3.7
Moodle Moodle 2.3.9
Moodle Moodle 2.0.3
Moodle Moodle 2.0.4
Moodle Moodle 2.0.5
Moodle Moodle 2.0.6
Moodle Moodle 2.1.8
Moodle Moodle 2.1.9
Moodle Moodle 2.2.0
605
VMScore
CVE-2014-0010
Multiple cross-site request forgery (CSRF) vulnerabilities in user/profile/index.php in Moodle up to and including 2.2.11, 2.3.x prior to 2.3.11, 2.4.x prior to 2.4.8, 2.5.x prior to 2.5.4, and 2.6.x prior to 2.6.1 allow remote malicious users to hijack the authentication of admi...
Moodle Moodle 2.4.2
Moodle Moodle 2.4.4
Moodle Moodle 2.4.6
Moodle Moodle 2.4.7
Moodle Moodle 2.4.0
Moodle Moodle 2.4.1
Moodle Moodle 2.4.3
Moodle Moodle 2.4.5
Fedoraproject Fedora 20
Fedoraproject Fedora 19
Moodle Moodle 2.6.0
Moodle Moodle 2.5.1
Moodle Moodle 2.5.2
Moodle Moodle 2.5.3
Moodle Moodle 2.5.0
Moodle Moodle 2.0.1
Moodle Moodle 2.0.3
Moodle Moodle 2.0.8
Moodle Moodle 2.1.0
Moodle Moodle 2.1.6
Moodle Moodle 2.1.8
Moodle Moodle 2.2.3
605
VMScore
CVE-2013-4524
Directory traversal vulnerability in repository/filesystem/lib.php in Moodle up to and including 2.2.11, 2.3.x prior to 2.3.10, 2.4.x prior to 2.4.7, and 2.5.x prior to 2.5.3 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a path.
Moodle Moodle 2.5.1
Moodle Moodle 2.4.2
Moodle Moodle 2.4.4
Moodle Moodle 2.3.4
Moodle Moodle 2.3.6
Moodle Moodle 2.2.5
Moodle Moodle 2.2.3
Moodle Moodle 2.2.0
Moodle Moodle 2.1.8
Moodle Moodle 2.1.10
Moodle Moodle 2.1.0
Moodle Moodle 2.0.3
Moodle Moodle 2.0.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.4
Moodle Moodle 1.9.14
Moodle Moodle 1.9.12
Moodle Moodle 1.8.7
Moodle Moodle 1.8.5
Moodle Moodle 1.8.13
Moodle Moodle 1.8.11
Moodle Moodle 1.7.3
605
VMScore
CVE-2011-4587
lib/moodlelib.php in Moodle 1.9.x prior to 1.9.15, 2.0.x prior to 2.0.6, and 2.1.x prior to 2.1.3 does not properly handle certain zero values in the password policy, which makes it easier for remote malicious users to obtain access by leveraging the possible existence of user ac...
Moodle Moodle 2.0.2
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 2.0.1
Moodle Moodle 1.9.11
Moodle Moodle 2.1.2
Moodle Moodle 2.0.4
Moodle Moodle 1.9.2
Moodle Moodle 1.9.12
Moodle Moodle 1.9.10
Moodle Moodle 2.0.3
Moodle Moodle 2.1.1
Moodle Moodle 1.9.3
Moodle Moodle 2.0.5
Moodle Moodle 1.9.13
Moodle Moodle 1.9.5
Moodle Moodle 1.9.14
Moodle Moodle 1.9.8
Moodle Moodle 1.9.7
Moodle Moodle 2.0.0
578
VMScore
CVE-2013-1836
Moodle 2.x up to and including 2.1.10, 2.2.x prior to 2.2.8, 2.3.x prior to 2.3.5, and 2.4.x prior to 2.4.2 does not properly manage privileges for WebDAV repositories, which allows remote authenticated users to read, modify, or delete arbitrary site-wide repositories by leveragi...
Moodle Moodle 2.0.7
Moodle Moodle 2.0.6
Moodle Moodle 2.0.8
Moodle Moodle 2.0.1
Moodle Moodle 2.1.2
Moodle Moodle 2.1.6
Moodle Moodle 2.1.9
Moodle Moodle 2.1.1
Moodle Moodle 2.1.10
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.0.5
Moodle Moodle 2.0.0
Moodle Moodle 2.1.7
Moodle Moodle 2.1.3
Moodle Moodle 2.0.2
Moodle Moodle 2.0.9
Moodle Moodle 2.1.5
Moodle Moodle 2.1.4
Moodle Moodle 2.1.8
Moodle Moodle 2.1.0
Moodle Moodle 2.2.3
578
VMScore
CVE-2012-5479
The Portfolio plugin in Moodle 2.1.x prior to 2.1.9, 2.2.x prior to 2.2.6, and 2.3.x prior to 2.3.3 allows remote authenticated users to upload and execute files via a modified Portfolio API callback.
Moodle Moodle 2.1.1
Moodle Moodle 2.1.2
Moodle Moodle 2.1.0
Moodle Moodle 2.1.7
Moodle Moodle 2.1.8
Moodle Moodle 2.1.3
Moodle Moodle 2.1.4
Moodle Moodle 2.1.5
Moodle Moodle 2.1.6
Moodle Moodle 2.2.0
Moodle Moodle 2.2.1
Moodle Moodle 2.2.2
Moodle Moodle 2.2.3
Moodle Moodle 2.2.4
Moodle Moodle 2.2.5
Moodle Moodle 2.3.1
Moodle Moodle 2.3.2
Moodle Moodle 2.3.0
578
VMScore
CVE-2012-5471
The Dropbox Repository File Picker in Moodle 2.1.x prior to 2.1.9, 2.2.x prior to 2.2.6, and 2.3.x prior to 2.3.3 allows remote authenticated users to access the Dropbox of a different user by leveraging an unattended workstation after a logout.
Moodle Moodle 2.1.0
Moodle Moodle 2.1.8
Moodle Moodle 2.1.5
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.1.6
Moodle Moodle 2.1.1
Moodle Moodle 2.1.7
Moodle Moodle 2.1.3
Moodle Moodle 2.2.5
Moodle Moodle 2.2.3
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.4
Moodle Moodle 2.2.0
Moodle Moodle 2.3.0
Moodle Moodle 2.3.1
Moodle Moodle 2.3.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »