Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / moodle

moodle

629 tracked vulnerabilities.

Moodle 2.2.x < 2.2.5 and 2.3.x < 2.3.2 - Authenticated Capability Restriction Bypass

Moodle 2.2.x < 2.2.5 and 2.3.x < 2.3.2 - Authenticated Upload Size Restriction Bypass via maxbytes Field

Moodle 1.9.x-1.9.19 2.0.x-2.0.10 2.1.x-2.1.7 2.2.x-2.2.4 - Authenticated Denial of Service via Advanced Search

Moodle 2.0.x-2.0.10 2.1.x-2.1.7 2.2.x-2.2.4 2.3.x-2.3.1 - Authenticated Access Restriction Bypass via Activity Selection

Moodle 2.0.x-2.0.10, 2.1.x-2.1.7, 2.2.x-2.2.4, 2.3.x-2.3.1 - XSS via Cohort ID Field

Moodle 2.0.x-2.0.10, 2.1.x-2.1.7, 2.2.x-2.2.4 - Authenticated SQL Injection via Feedback Form Data

Moodle 2.0.x-2.0.10, 2.1.x-2.1.7, 2.2.x-2.2.4, 2.3.x-2.3.1 - Sensitive Info Exposure via LDAP Redirect

Moodle 2.1.x < 2.1.7 and 2.2.x < 2.2.4 - Authenticated Cross-Site Scripting via Repository Rename

Moodle <2.1.7 & <2.2.4 - Auth Bypass

Moodle 2.1.x-2.1.7 and 2.2.x-2.2.4 - Authenticated Access Restriction Bypass via RSS Feed

Moodle 2.1.x-2.1.7 and 2.2.x-2.2.4 - Authenticated Information Disclosure via Hidden Block File Access

Moodle 2.2.x < 2.2.4 and 2.3.x < 2.3.1 - Cross-Site Scripting via lti_typename or lti_toolurl Parameter

Moodle 2.2.x < 2.2.4 and 2.3.x < 2.3.1 - Authenticated Capability Check Bypass via Caching

Moodle 2.3.x < 2.3.1 - Authenticated File Upload Restriction Bypass

Moodle 1.9.x < 1.9.18, 2.0.x < 2.0.9, 2.1.x < 2.1.6, 2.2.x < 2.2.3 - Authenticated Capability Bypass via Calendar Entry

Moodle <2.1.6 & <2.2.3 - Info Disclosure

Moodle 2.0.x-2.0.9, 2.1.x-2.1.6, 2.2.x-2.2.3 - Authenticated Cross-Site Scripting via Cohort ID Number Field

Moodle 2.0.x < 2.0.9, 2.1.x < 2.1.6, 2.2.x < 2.2.3 - Authenticated Cross-Site Scripting via Assignment Submission

Moodle 1.9.x < 1.9.18 - Authenticated SQL Injection via Calendar Event

Moodle 1.9.x < 1.9.18 - Cross-Site Scripting in Blog Index Parameter

Moodle 2.0.x-2.0.8, 2.1.x-2.1.5, 2.2.x-2.2.2 - Authenticated Cross-Site Scripting via Web Service Name Field

Moodle 2.0.x-2.0.8, 2.1.x-2.1.5, 2.2.x-2.2.2 - Authenticated Cross-Site Scripting via Wiki Page Title

Moodle <2.0.9, <2.1.6, <2.2.3 - Privilege Escalation

Moodle <2.0.9-<2.1.6-<2.2.3 - Privilege Escalation

Moodle <2.1.6-2.2.3 - Info Disclosure

Previous Page 20 of 26 Next

Products

moodle 624 Jmol Plugin 2 Moodle LMS 1 saml_authentication 1 virtual_programming_lab 1

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy