Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.8.3 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2021-26812
Cross Site Scripting (XSS) in the Jitsi Meet 2.7 up to and including 2.8.3 plugin for Moodle via the "sessionpriv.php" module. This allows malicious users to craft a malicious URL, which when clicked on by users, can inject javascript code to be run by the application.
356
VMScore
CVE-2016-3733
The "restore teacher" feature in Moodle 3.0 up to and including 3.0.3, 2.9 up to and including 2.9.5, 2.8 up to and including 2.8.11, 2.7 up to and including 2.7.13, and previous versions allows remote authenticated users to overwrite the course idnumber.
Moodle Moodle 2.7.0
Moodle Moodle 2.7.1
Moodle Moodle 2.7.6
Moodle Moodle 2.7.8
Moodle Moodle 2.8.3
Moodle Moodle 2.8.5
Moodle Moodle 2.8.10
Moodle Moodle 2.8.0
Moodle Moodle 2.9.0
Moodle Moodle 2.9.5
Moodle Moodle 3.0.0
Moodle Moodle 3.0.2
Moodle Moodle 2.7.10
Moodle Moodle 2.7.11
Moodle Moodle 2.7.12
Moodle Moodle 2.7.13
Moodle Moodle 2.9.1
Moodle Moodle 2.9.2
Moodle Moodle 2.9.3
Moodle Moodle 2.9.4
Moodle Moodle 2.7.2
Moodle Moodle 2.7.3
605
VMScore
CVE-2016-3734
Cross-site request forgery (CSRF) vulnerability in markposts.php in Moodle 3.0 up to and including 3.0.3, 2.9 up to and including 2.9.5, 2.8 up to and including 2.8.11, 2.7 up to and including 2.7.13 and previous versions allows remote malicious users to hijack the authentication...
Moodle Moodle 2.7.7
Moodle Moodle 2.7.8
Moodle Moodle 2.7.9
Moodle Moodle 2.7.10
Moodle Moodle 2.7.11
Moodle Moodle 2.8.0
Moodle Moodle 2.8.1
Moodle Moodle 2.9.0
Moodle Moodle 2.9.1
Moodle Moodle 2.7.0
Moodle Moodle 2.7.1
Moodle Moodle 2.7.2
Moodle Moodle 2.8.4
Moodle Moodle 2.8.5
Moodle Moodle 2.8.6
Moodle Moodle 2.8.7
Moodle Moodle 3.0.0
Moodle Moodle 2.7.4
Moodle Moodle 2.7.6
Moodle Moodle 2.7.13
Moodle Moodle 2.8.3
Moodle Moodle 2.8.8
356
VMScore
CVE-2016-3729
The user editing form in Moodle 3.0 up to and including 3.0.3, 2.9 up to and including 2.9.5, 2.8 up to and including 2.8.11, 2.7 up to and including 2.7.13, and previous versions allows remote authenticated users to edit profile fields locked by the administrator.
Moodle Moodle 2.7.0
Moodle Moodle 2.7.13
Moodle Moodle 2.8.2
Moodle Moodle 2.8.3
Moodle Moodle 2.8.4
Moodle Moodle 2.9.4
Moodle Moodle 2.9.5
Moodle Moodle 3.0.3
Moodle Moodle 3.0.0
Moodle Moodle 2.7.1
Moodle Moodle 2.7.3
Moodle Moodle 2.7.5
Moodle Moodle 2.7.6
Moodle Moodle 2.7.7
Moodle Moodle 2.7.8
Moodle Moodle 2.8.9
Moodle Moodle 2.8.10
Moodle Moodle 2.8.11
Moodle Moodle 2.8.0
Moodle Moodle 2.8.1
Moodle Moodle 3.0.1
Moodle Moodle 3.0.2
445
VMScore
CVE-2016-3731
Moodle 3.0 up to and including 3.0.3, 2.9 up to and including 2.9.5, and 2.8 up to and including 2.8.11 allows remote malicious users to obtain the names of hidden forums and forum discussions.
Moodle Moodle 2.9.0
Moodle Moodle 2.9.1
Moodle Moodle 2.9.2
Moodle Moodle 2.8.6
Moodle Moodle 2.8.7
Moodle Moodle 2.8.8
Moodle Moodle 2.8.9
Moodle Moodle 2.8.2
Moodle Moodle 2.8.4
Moodle Moodle 2.8.11
Moodle Moodle 2.8.1
Moodle Moodle 2.9.4
Moodle Moodle 3.0.3
Moodle Moodle 3.0.0
Moodle Moodle 3.0.1
Moodle Moodle 2.9.3
Moodle Moodle 2.8.3
Moodle Moodle 2.8.5
Moodle Moodle 2.8.10
Moodle Moodle 2.8.0
Moodle Moodle 2.9.5
Moodle Moodle 3.0.2
356
VMScore
CVE-2016-3732
The capability check to access other badges in Moodle 3.0 up to and including 3.0.3, 2.9 up to and including 2.9.5, 2.8 up to and including 2.8.11, 2.7 up to and including 2.7.13, and previous versions allows remote authenticated users to read the badges of other users.
Moodle Moodle 2.7.4
Moodle Moodle 2.7.5
Moodle Moodle 2.7.6
Moodle Moodle 2.7.7
Moodle Moodle 2.8.9
Moodle Moodle 2.8.10
Moodle Moodle 2.8.11
Moodle Moodle 2.8.0
Moodle Moodle 3.0.0
Moodle Moodle 3.0.1
Moodle Moodle 3.0.2
Moodle Moodle 2.7.0
Moodle Moodle 2.7.12
Moodle Moodle 2.7.13
Moodle Moodle 2.8.2
Moodle Moodle 2.8.3
Moodle Moodle 2.8.4
Moodle Moodle 2.9.3
Moodle Moodle 2.9.4
Moodle Moodle 2.9.5
Moodle Moodle 3.0.3
Moodle Moodle 2.7.1
445
VMScore
CVE-2017-2576
In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums.
Moodle Moodle 3.1.1
Moodle Moodle 3.1.0
Moodle Moodle 3.0.6
Moodle Moodle 3.0.5
Moodle Moodle 2.9.2
Moodle Moodle 2.9.0
Moodle Moodle 2.8.12
Moodle Moodle 2.8.11
Moodle Moodle 3.0.2
Moodle Moodle 2.9.9
Moodle Moodle 2.9.8
Moodle Moodle 2.9.7
Moodle Moodle 2.9.6
Moodle Moodle 2.8.4
Moodle Moodle 2.8.5
Moodle Moodle 2.8.6
Moodle Moodle 2.8.7
Moodle Moodle 3.0.7
Moodle Moodle 3.2.0
Moodle Moodle 3.0.3
Moodle Moodle 3.0.1
Moodle Moodle 2.9.4
445
VMScore
CVE-2016-8642
In Moodle 2.x and 3.x, the question engine allows access to files that should not be available.
Moodle Moodle 3.0.2
Moodle Moodle 2.9.8
Moodle Moodle 2.9.7
Moodle Moodle 2.9.6
Moodle Moodle 2.8.5
Moodle Moodle 2.8.6
Moodle Moodle 2.8.7
Moodle Moodle 2.8.8
Moodle Moodle 3.1.1
Moodle Moodle 3.1.0
Moodle Moodle 3.0.6
Moodle Moodle 3.0.5
Moodle Moodle 2.9.2
Moodle Moodle 2.9.0
Moodle Moodle 2.8.12
Moodle Moodle 2.8.11
Moodle Moodle 2.8.0
Moodle Moodle 3.1.2
Moodle Moodle 3.0.4
Moodle Moodle 3.0.0
Moodle Moodle 2.9.4
Moodle Moodle 2.9.1
356
VMScore
CVE-2016-8643
In Moodle 2.x and 3.x, non-admin site managers may accidentally edit admins via web services.
Moodle Moodle 2.9.5
Moodle Moodle 2.9.4
Moodle Moodle 2.9.3
Moodle Moodle 2.9.1
Moodle Moodle 2.8.8
Moodle Moodle 2.8.9
Moodle Moodle 2.8.10
Moodle Moodle
Moodle Moodle 3.0.5
Moodle Moodle 3.0.4
Moodle Moodle 3.0.3
Moodle Moodle 3.0.0
Moodle Moodle 2.8.0
Moodle Moodle 2.8.1
Moodle Moodle 2.8.2
Moodle Moodle 2.8.3
Moodle Moodle 3.1.2
Moodle Moodle 3.1.0
Moodle Moodle 3.0.2
Moodle Moodle 2.9.7
Moodle Moodle 2.9.0
Moodle Moodle 2.8.11
445
VMScore
CVE-2016-8644
In Moodle 2.x and 3.x, the capability to view course notes is checked in the wrong context.
Moodle Moodle 3.1.2
Moodle Moodle 3.1.1
Moodle Moodle 3.1.0
Moodle Moodle 3.0.6
Moodle Moodle 2.9.1
Moodle Moodle 2.9.2
Moodle Moodle 2.9.0
Moodle Moodle 2.8.12
Moodle Moodle 3.0.1
Moodle Moodle 3.0.2
Moodle Moodle 2.9.8
Moodle Moodle 2.9.7
Moodle Moodle 2.8.4
Moodle Moodle 2.8.5
Moodle Moodle 2.8.6
Moodle Moodle 2.8.7
Moodle Moodle 3.0.4
Moodle Moodle 3.0.0
Moodle Moodle 2.9.6
Moodle Moodle 2.9.4
Moodle Moodle 2.8.0
Moodle Moodle 2.8.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »