Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.2.3 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-3388
The is_enrolled function in lib/accesslib.php in Moodle 2.2.x prior to 2.2.4 and 2.3.x prior to 2.3.1 does not properly interact with the caching feature, which might allow remote authenticated users to bypass an intended capability check via unspecified vectors that trigger cach...
Moodle Moodle 2.2.1
Moodle Moodle 2.2.0
Moodle Moodle 2.2.3
Moodle Moodle 2.3.0
Moodle Moodle 2.2.2
NA
CVE-2012-3389
Multiple cross-site scripting (XSS) vulnerabilities in mod/lti/typessettings.php in Moodle 2.2.x prior to 2.2.4 and 2.3.x prior to 2.3.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) lti_typename or (2) lti_toolurl parameter.
Moodle Moodle 2.2.3
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.0
Moodle Moodle 2.3.0
NA
CVE-2012-4400
repository/repository_ajax.php in Moodle 2.2.x prior to 2.2.5 and 2.3.x prior to 2.3.2 allows remote authenticated users to bypass intended upload-size restrictions via a -1 value in the maxbytes field.
Moodle Moodle 2.2.2
Moodle Moodle 2.2.0
Moodle Moodle 2.2.1
Moodle Moodle 2.2.4
Moodle Moodle 2.2.3
Moodle Moodle 2.3.0
Moodle Moodle 2.3.1
NA
CVE-2012-4401
Moodle 2.2.x prior to 2.2.5 and 2.3.x prior to 2.3.2 allows remote authenticated users to bypass intended capability restrictions and perform certain topic changes by leveraging course-editing capabilities.
Moodle Moodle 2.2.4
Moodle Moodle 2.2.0
Moodle Moodle 2.2.1
Moodle Moodle 2.2.2
Moodle Moodle 2.2.3
Moodle Moodle 2.3.1
Moodle Moodle 2.3.0
NA
CVE-2012-5472
lib/formslib.php in Moodle 2.2.x prior to 2.2.6 and 2.3.x prior to 2.3.3 allows remote authenticated users to bypass intended access restrictions via a modified value of a frozen form field.
Moodle Moodle 2.2.2
Moodle Moodle 2.2.3
Moodle Moodle 2.2.1
Moodle Moodle 2.2.4
Moodle Moodle 2.2.5
Moodle Moodle 2.3.1
Moodle Moodle 2.3.2
NA
CVE-2012-3391
mod/forum/rsslib.php in Moodle 2.1.x prior to 2.1.7 and 2.2.x prior to 2.2.4 does not properly implement the requirement for posting before reading a Q&A forum, which allows remote authenticated users to bypass intended access restrictions by leveraging the student role and r...
Moodle Moodle 2.1.5
Moodle Moodle 2.1.4
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.1.2
Moodle Moodle 2.1.6
Moodle Moodle 2.2.0
Moodle Moodle 2.1.1
Moodle Moodle 2.1.3
Moodle Moodle 2.1.0
Moodle Moodle 2.2.3
NA
CVE-2012-3392
mod/forum/unsubscribeall.php in Moodle 2.1.x prior to 2.1.7 and 2.2.x prior to 2.2.4 does not consider whether a forum is optional, which allows remote authenticated users to bypass forum-subscription requirements by leveraging the student role and unsubscribing from all forums.
Moodle Moodle 2.1.3
Moodle Moodle 2.1.0
Moodle Moodle 2.2.3
Moodle Moodle 2.2.2
Moodle Moodle 2.1.5
Moodle Moodle 2.1.4
Moodle Moodle 2.2.1
Moodle Moodle 2.2.0
Moodle Moodle 2.1.2
Moodle Moodle 2.1.6
Moodle Moodle 2.1.1
NA
CVE-2012-3393
Cross-site scripting (XSS) vulnerability in repository/lib.php in Moodle 2.1.x prior to 2.1.7 and 2.2.x prior to 2.2.4 allows remote authenticated administrators to inject arbitrary web script or HTML by renaming a repository.
Moodle Moodle 2.1.4
Moodle Moodle 2.1.6
Moodle Moodle 2.1.1
Moodle Moodle 2.1.3
Moodle Moodle 2.1.0
Moodle Moodle 2.1.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.0
Moodle Moodle 2.1.5
Moodle Moodle 2.2.3
Moodle Moodle 2.2.2
NA
CVE-2012-3390
lib/filelib.php in Moodle 2.1.x prior to 2.1.7 and 2.2.x prior to 2.2.4 does not properly restrict file access after a block has been hidden, which allows remote authenticated users to obtain sensitive information by reading a file that is embedded in a block.
Moodle Moodle 2.2.2
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.5
Moodle Moodle 2.1.6
Moodle Moodle 2.1.3
Moodle Moodle 2.2.1
Moodle Moodle 2.2.3
Moodle Moodle 2.1.4
Moodle Moodle 2.1.0
Moodle Moodle 2.2.0
NA
CVE-2012-6101
Multiple open redirect vulnerabilities in Moodle 2.2.x prior to 2.2.7, 2.3.x prior to 2.3.4, and 2.4.x prior to 2.4.1 allow remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via vectors related to (1) backup/backupfilesedit.php, (2) comm...
Moodle Moodle 2.2.4
Moodle Moodle 2.2.5
Moodle Moodle 2.2.0
Moodle Moodle 2.2.3
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.2.6
Moodle Moodle 2.3.0
Moodle Moodle 2.3.2
Moodle Moodle 2.3.3
Moodle Moodle 2.3.1
Moodle Moodle 2.4.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »