Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.8.8 vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv2
CVE-2015-5332
Atto in Moodle 2.8.x prior to 2.8.9 and 2.9.x prior to 2.9.3 allows remote malicious users to cause a denial of service (disk consumption) by leveraging the guest role and entering drafts with the editor-autosave feature.
Moodle Moodle 2.8.3
Moodle Moodle 2.8.7
Moodle Moodle 2.8.4
Moodle Moodle 2.8.6
Moodle Moodle 2.8.8
Moodle Moodle 2.9.1
Moodle Moodle 2.8.1
Moodle Moodle 2.8.5
Moodle Moodle 2.9.2
Moodle Moodle 2.8.2
Moodle Moodle 2.8.0
Moodle Moodle 2.9.0
6.8
CVSSv2
CVE-2016-3734
Cross-site request forgery (CSRF) vulnerability in markposts.php in Moodle 3.0 up to and including 3.0.3, 2.9 up to and including 2.9.5, 2.8 up to and including 2.8.11, 2.7 up to and including 2.7.13 and previous versions allows remote malicious users to hijack the authentication...
Moodle Moodle 2.7.1
Moodle Moodle 2.7.0
Moodle Moodle 2.8.3
Moodle Moodle 2.8.7
Moodle Moodle 2.7.6
Moodle Moodle 2.7.11
Moodle Moodle 2.7.2
Moodle Moodle 2.7.4
Moodle Moodle 2.9.4
Moodle Moodle 2.8.9
Moodle Moodle 2.7.9
Moodle Moodle 2.8.10
Moodle Moodle 2.8.4
Moodle Moodle 2.8.6
Moodle Moodle 3.0.2
Moodle Moodle 2.7.12
Moodle Moodle 3.0.0
Moodle Moodle 2.7.10
Moodle Moodle 2.7.5
Moodle Moodle 3.0.1
Moodle Moodle 2.7.3
Moodle Moodle 2.8.8
6.8
CVSSv2
CVE-2016-2157
Cross-site request forgery (CSRF) vulnerability in mod/assign/adminmanageplugins.php in Moodle up to and including 2.6.11, 2.7.x prior to 2.7.13, 2.8.x prior to 2.8.11, 2.9.x prior to 2.9.5, and 3.0.x prior to 3.0.3 allows remote malicious users to hijack the authentication of ad...
Moodle Moodle 2.7.1
Moodle Moodle 2.8.3
Moodle Moodle 2.8.7
Moodle Moodle 2.7.6
Moodle Moodle 2.7.11
Moodle Moodle 2.7.2
Moodle Moodle 2.7.4
Moodle Moodle 2.9.4
Moodle Moodle 2.8.9
Moodle Moodle 2.7.9
Moodle Moodle 2.8.10
Moodle Moodle 2.8.4
Moodle Moodle 2.8.6
Moodle Moodle 3.0.2
Moodle Moodle 2.7.12
Moodle Moodle
Moodle Moodle 2.7.10
Moodle Moodle 2.7.5
Moodle Moodle 3.0.1
Moodle Moodle 2.7.3
Moodle Moodle 2.8.8
Moodle Moodle 2.7.0
6.8
CVSSv2
CVE-2015-5338
Multiple cross-site request forgery (CSRF) vulnerabilities in the lesson module in Moodle up to and including 2.6.11, 2.7.x prior to 2.7.11, 2.8.x prior to 2.8.9, and 2.9.x prior to 2.9.3 allow remote malicious users to hijack the authentication of arbitrary users for requests to...
Moodle Moodle 2.7.1
Moodle Moodle 2.8.3
Moodle Moodle 2.8.7
Moodle Moodle 2.7.6
Moodle Moodle 2.7.2
Moodle Moodle 2.7.4
Moodle Moodle 2.7.9
Moodle Moodle 2.8.4
Moodle Moodle 2.8.6
Moodle Moodle
Moodle Moodle 2.7.10
Moodle Moodle 2.7.5
Moodle Moodle 2.7.3
Moodle Moodle 2.8.8
Moodle Moodle 2.7.0
Moodle Moodle 2.9.1
Moodle Moodle 2.8.1
Moodle Moodle 2.8.5
Moodle Moodle 2.9.2
Moodle Moodle 2.7.8
Moodle Moodle 2.8.2
Moodle Moodle 2.7.7
5.8
CVSSv2
CVE-2016-5013
In Moodle 2.x and 3.x, text injection can occur in email headers, potentially leading to outbound spam.
Moodle Moodle 2.9.6
Moodle Moodle 2.8.3
Moodle Moodle 2.8.7
Moodle Moodle 2.9.4
Moodle Moodle 3.1.0
Moodle Moodle 2.8.9
Moodle Moodle 2.8.10
Moodle Moodle 2.8.4
Moodle Moodle 2.8.6
Moodle Moodle 3.0.4
Moodle Moodle 3.0.2
Moodle Moodle 2.8.12
Moodle Moodle 3.0.1
Moodle Moodle 2.8.8
Moodle Moodle 3.0.0
Moodle Moodle 2.9.1
Moodle Moodle 2.8.1
Moodle Moodle 2.9.5
Moodle Moodle 2.8.11
Moodle Moodle
Moodle Moodle 2.8.5
Moodle Moodle 3.0.3
5.8
CVSSv2
CVE-2016-5014
In Moodle 2.x and 3.x, an unenrolled user still receives event monitor notifications even though they can no longer access the course.
Moodle Moodle 2.9.6
Moodle Moodle 2.8.3
Moodle Moodle 2.8.7
Moodle Moodle 2.9.4
Moodle Moodle 3.1.0
Moodle Moodle 2.8.9
Moodle Moodle 2.8.10
Moodle Moodle 2.8.4
Moodle Moodle 2.8.6
Moodle Moodle 3.0.4
Moodle Moodle 3.0.2
Moodle Moodle 2.8.12
Moodle Moodle 3.0.1
Moodle Moodle 2.8.8
Moodle Moodle 3.0.0
Moodle Moodle 2.9.1
Moodle Moodle 2.8.1
Moodle Moodle 2.9.5
Moodle Moodle 2.8.11
Moodle Moodle 2.8.5
Moodle Moodle 3.0.3
Moodle Moodle 2.9.2
5.5
CVSSv2
CVE-2015-5264
The lesson module in Moodle up to and including 2.6.11, 2.7.x prior to 2.7.10, 2.8.x prior to 2.8.8, and 2.9.x prior to 2.9.2 allows remote authenticated users to bypass intended access restrictions and enter additional answer attempts by leveraging the student role.
Moodle Moodle 2.7.1
Moodle Moodle 2.8.3
Moodle Moodle 2.8.7
Moodle Moodle 2.7.6
Moodle Moodle 2.7.2
Moodle Moodle 2.7.4
Moodle Moodle 2.7.9
Moodle Moodle 2.8.4
Moodle Moodle 2.8.6
Moodle Moodle
Moodle Moodle 2.7.5
Moodle Moodle 2.7.3
Moodle Moodle 2.7.0
Moodle Moodle 2.9.1
Moodle Moodle 2.8.1
Moodle Moodle 2.8.5
Moodle Moodle 2.7.8
Moodle Moodle 2.8.2
Moodle Moodle 2.7.7
Moodle Moodle 2.8.0
Moodle Moodle 2.9.0
5
CVSSv2
CVE-2016-3731
Moodle 3.0 up to and including 3.0.3, 2.9 up to and including 2.9.5, and 2.8 up to and including 2.8.11 allows remote malicious users to obtain the names of hidden forums and forum discussions.
Moodle Moodle 2.8.3
Moodle Moodle 2.8.7
Moodle Moodle 2.9.4
Moodle Moodle 2.8.9
Moodle Moodle 2.8.10
Moodle Moodle 2.8.4
Moodle Moodle 2.8.6
Moodle Moodle 3.0.2
Moodle Moodle 3.0.0
Moodle Moodle 3.0.1
Moodle Moodle 2.8.8
Moodle Moodle 2.9.1
Moodle Moodle 2.8.1
Moodle Moodle 2.9.5
Moodle Moodle 2.8.11
Moodle Moodle 2.8.5
Moodle Moodle 3.0.3
Moodle Moodle 2.9.2
Moodle Moodle 2.9.3
Moodle Moodle 2.8.2
Moodle Moodle 2.8.0
Moodle Moodle 2.9.0
5
CVSSv2
CVE-2017-2576
In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums.
Moodle Moodle 2.9.6
Moodle Moodle 2.8.3
Moodle Moodle 2.8.7
Moodle Moodle 3.0.7
Moodle Moodle 2.9.4
Moodle Moodle 3.1.0
Moodle Moodle 3.0.6
Moodle Moodle 2.8.9
Moodle Moodle 2.8.10
Moodle Moodle 2.8.4
Moodle Moodle 3.0.5
Moodle Moodle 2.8.6
Moodle Moodle 3.0.4
Moodle Moodle
Moodle Moodle 3.0.2
Moodle Moodle 2.8.12
Moodle Moodle 3.1.2
Moodle Moodle 2.9.7
Moodle Moodle 3.0.1
Moodle Moodle 2.8.8
Moodle Moodle 3.2.0
Moodle Moodle 3.0.0
5
CVSSv2
CVE-2016-8642
In Moodle 2.x and 3.x, the question engine allows access to files that should not be available.
Moodle Moodle 2.9.6
Moodle Moodle 2.8.3
Moodle Moodle 2.8.7
Moodle Moodle 2.9.4
Moodle Moodle 3.1.0
Moodle Moodle 3.0.6
Moodle Moodle 2.8.9
Moodle Moodle 2.8.10
Moodle Moodle 2.8.4
Moodle Moodle 3.0.5
Moodle Moodle 2.8.6
Moodle Moodle 3.0.4
Moodle Moodle 3.0.2
Moodle Moodle 2.8.12
Moodle Moodle 3.1.2
Moodle Moodle 2.9.7
Moodle Moodle 3.0.1
Moodle Moodle 2.8.8
Moodle Moodle 3.0.0
Moodle Moodle 2.9.1
Moodle Moodle 2.8.1
Moodle Moodle 2.9.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »