moodle

629 tracked vulnerabilities.

CVE-2015-2271
Moodle < 2.5.9, 2.6.x < 2.6.9, 2.7.x < 2.7.6, 2.8.x < 2.8.4 - Access Control Bypass
Jun 01, 2015
EPSS 0.00
CVE-2015-2270
Moodle <2.5.9, <2.6.9, <2.7.6, <2.8.4 - Info Disclosure
Jun 01, 2015
EPSS 0.00
CVE-2015-2269
Moodle < 2.5.9, 2.6.x < 2.6.9, 2.7.x < 2.7.6, 2.8.x < 2.8.4 - XSS via IMG Alt/Title
Jun 01, 2015
EPSS 0.01
CVE-2015-2268
Moodle < 2.5.9, 2.6.x < 2.6.9, 2.7.x < 2.7.6, 2.8.x < 2.8.4 - DoS via Regex
Jun 01, 2015
EPSS 0.01
CVE-2015-2267
Moodle < 2.5.9, 2.6.x < 2.6.9, 2.7.x < 2.7.6, 2.8.x < 2.8.4 - Arbitrary File Write via mdeploy.php
Jun 01, 2015
EPSS 0.00
CVE-2015-2266
Moodle < 2.5.9 and 2.6.x < 2.6.9 - Authenticated Exposure of Sensitive Information via Message Index
Jun 01, 2015
EPSS 0.00
CVE-2015-1493
Moodle < 2.5.9, 2.6.x < 2.6.8, 2.7.x < 2.7.5, 2.8.x < 2.8.3 - Authenticated Path Traversal via File Parameter
Jun 01, 2015
EPSS 0.01
CVE-2015-0218
Moodle < 2.5.9 and 2.6.x < 2.6.7 - Cross-Site Request Forgery in Shibboleth Logout
Jun 01, 2015
EPSS 0.00
CVE-2015-0217
Moodle < 2.5.9, 2.6.x < 2.6.7, 2.7.x < 2.7.4, 2.8.x < 2.8.2 - DoS via Regex
Jun 01, 2015
EPSS 0.01
CVE-2015-0216
Moodle 2.8.x < 2.8.2 - Authenticated Cross-Site Scripting in Lesson Module Essay Feedback
Jun 01, 2015
EPSS 0.00
CVE-2015-0215
Moodle < 2.5.9, 2.6.x < 2.6.7, 2.7.x < 2.7.4, 2.8.x < 2.8.2 - Sensitive Information Exposure via Calendar Web Services
Jun 01, 2015
EPSS 0.00
CVE-2015-0214
Moodle < 2.5.9, 2.6.x < 2.6.7, 2.7.x < 2.7.4, 2.8.x < 2.8.2 - Authenticated Bypass via Web Services
Jun 01, 2015
EPSS 0.00
CVE-2015-0213
Moodle < 2.5.9 and 2.6.x < 2.6.7 - Cross-Site Request Forgery in Glossary Module
Jun 01, 2015
EPSS 0.00
CVE-2015-0212
Moodle < 2.5.9, 2.6.x < 2.6.7, 2.7.x < 2.7.4, 2.8.x < 2.8.2 - Authenticated Cross-Site Scripting via Course Summary
Jun 01, 2015
EPSS 0.00
CVE-2015-0211
Moodle < 2.5.9, 2.6.x < 2.6.7, 2.7.x < 2.7.4, 2.8.x < 2.8.2 - Sensitive Information Exposure
Jun 01, 2015
EPSS 0.00
CVE-2014-9060
Moodle <2.4.11, 2.5.x-2.5.9, 2.6.x-2.6.6, 2.7.x-2.7.3 - CSRF
Nov 24, 2014
EPSS 0.00
CVE-2014-9059
Moodle <2.4.11, <2.5.9, <2.6.6, <2.7.3 - XSS
Nov 24, 2014
EPSS 0.00
CVE-2014-7848
Moodle < 2.4.11 and 2.6.0-2.6.6 - Sensitive Information Exposure via Direct Request to bootstrap.php
Nov 24, 2014
EPSS 0.00
CVE-2014-7847
Moodle < 2.4.11, 2.5.x < 2.5.9, 2.6.x < 2.6.6, 2.7.x < 2.7.3 - Denial of Service via IP Lookup
Nov 24, 2014
EPSS 0.01
CVE-2014-7846
Moodle < 2.4.11, 2.5.x < 2.5.9, 2.6.x < 2.6.6, 2.7.x < 2.7.3 - Authenticated Access Control Bypass via Tag Autocomplete
Nov 24, 2014
EPSS 0.00
CVE-2014-7845
Moodle < 2.4.11, 2.5.x < 2.5.9, 2.6.x < 2.6.6, 2.7.x < 2.7.3 - Weak Temporary Password Generation
Nov 24, 2014
EPSS 0.01
CVE-2014-7838
Moodle < 2.4.11 and 2.5.x < 2.5.9 - Cross-Site Request Forgery in Forum Module
Nov 24, 2014
EPSS 0.00
CVE-2014-7837
Moodle < 2.4.11, 2.5.x < 2.5.9, 2.6.x < 2.6.6, 2.7.x < 2.7.3 - Authenticated Wiki Page Deletion
Nov 24, 2014
EPSS 0.01
CVE-2014-7836
Moodle < 2.4.11 and 2.5.x < 2.5.9 - Cross-Site Request Forgery in LTI Module
Nov 24, 2014
EPSS 0.00
CVE-2014-7835
Moodle < 2.4.11 and 2.6.0-2.6.6 - Authenticated Stored Cross-Site Scripting via Profile Picture Upload
Nov 24, 2014
EPSS 0.00
Products
moodle 624 Jmol Plugin 2 Moodle LMS 1 saml_authentication 1 virtual_programming_lab 1
Quick Filters
Critical CVEs With Exploits In CISA KEV