Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / moodle

moodle

629 tracked vulnerabilities.

Moodle 2.0.x-2.0.5 and 2.1.x-2.1.2 - Cross-Site Scripting via Section Parameter

Moodle < 1.9.14 - Authenticated Cross-Site Scripting in Course Section Editor

Moodle 1.9.x - Authenticated Denial of Service via Message Refresh Zero Wait Time

Moodle <2.0.5, <2.1.2 - Info Disclosure

Moodle 2.0.x < 2.0.5 and 2.1.x < 2.1.2 - Unauthenticated Access Restriction Bypass via Hubs Feature

Moodle 1.9.x < 1.9.14, 2.0.x < 2.0.5, 2.1.x < 2.1.2 - Certificate Validation Bypass via openssl_verify Return Value

Moodle <1.9.14, <2.0.5, <2.1.2 - Code Injection

Moodle <2.0.5-2.1.2 - Info Disclosure

Moodle 2.0.0-2.0.4 - Authenticated Cross-Site Scripting via Wiki Comment

Moodle 2.0.0-2.0.5 - Cross-Site Request Forgery in Wiki Module

Moodle < 1.9.15 - CRLF Injection via Calendar URL Parameter

Moodle 2.0.1 - Exposure of Sensitive Information via Direct Request to PHP Files

Moodle < 1.8.13 and 1.9.x < 1.9.9 - Cross-Site Request Forgery via Quiz Attempt Deletion

Moodle < 1.8.13 and 1.9.x < 1.9.9 - Authenticated Cross-Site Scripting via KSES Filter

Moodle < 1.8.13 and 1.9.x < 1.9.9 - Cross-Site Scripting via Blog Index Parameters

Moodle < 1.8.13 and 1.9.x < 1.9.9 - Cross-Site Scripting via Extended Characters in Username

Moodle 1.8.0-1.8.11 - Cross-Site Scripting via Crafted HTML Entities

phpCAS client library < 1.1.0 - Cross-Site Scripting via Crafted URL

Moodle 1.8.x < 1.8.12 and 1.9.x < 1.9.8 - Authenticated Full Name Disclosure via Course Profile Page

Moodle <1.9.8 - Privilege Escalation

Moodle 1.8.0-1.8.11 - SQL Injection via Wiki Module or Form Select Groups

Moodle 1.8.0-1.8.11 - Cross-Site Scripting via Login-As Feature or Global Search Forms

Moodle 1.8.x-1.9.7 - Session Fixation via Default Session ID Regeneration Setting

Moodle <1.8.11, <1.9.7 - SQL Injection

Moodle <1.8.11-1.9.7 - Info Disclosure

Previous Page 23 of 26 Next

Products

moodle 624 Jmol Plugin 2 Moodle LMS 1 saml_authentication 1 virtual_programming_lab 1

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy