moodle

629 tracked vulnerabilities.

CVE-2014-7834
Moodle < 2.4.11 and 2.6.0-2.6.6 - Authenticated Forum Access via forum_get_discussions Web Service
Nov 24, 2014
EPSS 0.00
CVE-2014-7833
Moodle < 2.4.11, 2.5.x < 2.5.9, 2.6.x < 2.6.6, 2.7.x < 2.7.3 - Sensitive Information Exposure
Nov 24, 2014
EPSS 0.00
CVE-2014-7832
Moodle < 2.4.11, 2.5.x < 2.5.9, 2.6.x < 2.6.6, 2.7.x < 2.7.3 - Authenticated Access Control Bypass in LTI Module
Nov 24, 2014
EPSS 0.00
CVE-2014-7831
Moodle 2.7.0-2.7.2 - Authenticated Sensitive Information Exposure via get_grades Web Service
Nov 24, 2014
EPSS 0.00
CVE-2014-7830
Moodle < 2.4.11 and 2.5.x < 2.5.9 - Authenticated Cross-Site Scripting via Feedback Module Searchcourse Parameter
Nov 24, 2014
EPSS 0.00
CVE-2014-3617
Moodle < 2.4.11, 2.5.x < 2.5.8, 2.6.x < 2.6.5, 2.7.x < 2.7.2 - Authenticated Username Disclosure via Q&A Forum
Sep 15, 2014
EPSS 0.00
CVE-2014-3553
Moodle < 2.3.11, 2.4.x < 2.4.11, 2.5.x < 2.5.7, 2.6.x < 2.6.4, 2.7.x < 2.7.1 - Access Control Bypass
Jul 29, 2014
EPSS 0.00
CVE-2014-3552
Moodle < 2.3.11, 2.4.x < 2.4.11, 2.5.x < 2.5.7 - Authenticated Session Hijacking via Shibboleth Plugin
Jul 29, 2014
EPSS 0.00
CVE-2014-3551
Moodle < 2.3.11, 2.4.x < 2.4.11, 2.5.x < 2.5.7, 2.6.x < 2.6.4, 2.7.x < 2.7.1 - XSS via Rubric Field
Jul 29, 2014
EPSS 0.00
CVE-2014-3550
Moodle 2.7.x - Cross-Site Scripting via Scheduled Task Error or Success Message
Jul 29, 2014
EPSS 0.00
CVE-2014-3549
Moodle 2.7.x - Cross-Site Scripting via Invalid Login Username
Jul 29, 2014
EPSS 0.00
CVE-2014-3548
Moodle < 2.3.11, 2.4.x < 2.4.11, 2.5.x < 2.5.7, 2.6.x < 2.6.4, 2.7.x < 2.7.1 - XSS via AJAX Exception Dialog
Jul 29, 2014
EPSS 0.00
CVE-2014-3547
Moodle 2.5.0-2.5.6 - Cross-Site Scripting in Badges Renderer
Jul 29, 2014
EPSS 0.00
CVE-2014-3546
Moodle < 2.3.11, 2.4.x < 2.4.11, 2.5.x < 2.5.7, 2.6.x < 2.6.4, 2.7.x < 2.7.1 - Information Disclosure
Jul 29, 2014
EPSS 0.00
CVE-2014-3545
Moodle < 2.3.11, 2.4.x < 2.4.11, 2.5.x < 2.5.7, 2.6.x < 2.6.4, 2.7.x < 2.7.1 - RCE via Quiz Calculated Question
Jul 29, 2014
EPSS 0.01
CVE-2014-3544
Moodle < 2.3.11, 2.4.x < 2.4.11, 2.5.x < 2.5.7, 2.6.x < 2.6.4, 2.7.x < 2.7.1 - Stored XSS via Skype ID
Jul 29, 2014
EPSS 0.01
CVE-2014-3543
Moodle < 2.3.11, 2.4.x < 2.4.11, 2.5.x < 2.5.7, 2.6.x < 2.6.4, 2.7.x < 2.7.1 - XXE in IMSCP Manifest Parser
Jul 29, 2014
EPSS 0.00
CVE-2014-3542
Moodle < 2.3.11, 2.4.x < 2.4.11, 2.5.x < 2.5.7, 2.6.x < 2.6.4, 2.7.x < 2.7.1 - XXE Injection via LTI
Jul 29, 2014
EPSS 0.00
CVE-2014-3541
Moodle < 2.3.11, 2.4.x < 2.4.11, 2.5.x < 2.5.7, 2.6.x < 2.6.4, 2.7.x < 2.7.1 - RCE via Serialized Data
Jul 29, 2014
EPSS 0.02
CVE-2014-0218
Moodle < 2.3.11, 2.4.x < 2.4.10, 2.5.x < 2.5.6, 2.6.x < 2.6.3 - Cross-Site Scripting in URL Downloader Repository
May 27, 2014
EPSS 0.00
CVE-2014-0217
Moodle 2.6.x <2.6.3 - Info Disclosure
May 27, 2014
EPSS 0.00
CVE-2014-0216
Moodle <2.3.11, <2.4.10, <2.5.6, <2.6.3 - Info Disclosure
May 27, 2014
EPSS 0.00
CVE-2014-0215
Moodle <2.4.10-2.6.3 - Info Disclosure
May 27, 2014
EPSS 0.00
CVE-2014-0214
Moodle <2.3.11-2.6.3 - Info Disclosure
May 27, 2014
EPSS 0.00
CVE-2014-0213
Moodle < 2.3.11, 2.4.x < 2.4.10, 2.5.x < 2.5.6, 2.6.x < 2.6.3 - Cross-Site Request Forgery in Assignment Quick-Grading
May 27, 2014
EPSS 0.00
Products
moodle 624 Jmol Plugin 2 Moodle LMS 1 saml_authentication 1 virtual_programming_lab 1
Quick Filters
Critical CVEs With Exploits In CISA KEV