| CVE-2022-40208 |
unknown |
— |
— |
|
|
|
3y ago |
Moodle may allow students to bypass sequential navigation during a quiz attempt |
| CVE-2023-1402 |
unknown |
— |
— |
|
|
|
3y ago |
Moodle may display roles to users who don't have access to them |
| CVE-2023-28334 |
unknown |
— |
— |
|
|
|
3y ago |
Moodle may allow authenticated users to enumerate other user's names via learning plans page |
| CVE-2023-28333 |
unknown |
— |
— |
|
|
|
3y ago |
Moodle's Mustache pix helper contained a potential Mustache injection risk if combined with user input |
| CVE-2023-28332 |
unknown |
— |
— |
|
|
|
3y ago |
Moodle vulnerable to Cross-site Scripting when algebra filter enabled but not functional |
| CVE-2023-28331 |
unknown |
— |
— |
|
|
|
3y ago |
Moodle vulnerable to Cross-site Scripting |
| CVE-2023-28329 |
unknown |
— |
— |
|
|
|
3y ago |
Moodle SQL Injection vulnerability |
| CVE-2023-28335 |
unknown |
— |
— |
|
|
|
3y ago |
Moodle vulnerable to Cross-site Request Forgery |
| CVE-2023-28330 |
unknown |
— |
— |
|
|
|
3y ago |
Moodle arbitrary file read vulnerability |
| CVE-2023-28336 |
unknown |
— |
— |
|
|
|
3y ago |
Moodle may allow teachers to access the names of users they could not otherwise access |
| CVE-2021-36398 |
unknown |
— |
— |
|
|
|
3y ago |
Moodle Cross-site Scripting vulnerability |
| CVE-2021-36397 |
unknown |
— |
— |
|
|
|
3y ago |
Moodle has Incorrect Default Permissions |
| CVE-2021-36399 |
unknown |
— |
— |
|
|
|
3y ago |
Moodle Cross-site Scripting vulnerability |
| CVE-2021-36400 |
unknown |
— |
— |
|
|
|
3y ago |
Moodle has Incorrect Default Permissions |
| CVE-2021-36402 |
unknown |
— |
— |
|
|
|
3y ago |
Moodle Improper Input Validation vulnerability |
| CVE-2021-36401 |
unknown |
— |
— |
|
|
|
3y ago |
Moodle vulnerable to Stored Cross-site Scripting |
| CVE-2021-36403 |
unknown |
— |
— |
|
|
|
3y ago |
Moodle has a Hidden Functionality vulnerability |
| CVE-2021-36392 |
unknown |
— |
— |
|
|
|
3y ago |
Moodle SQL Injection vulnerability |
| CVE-2021-36395 |
unknown |
— |
— |
|
|
|
3y ago |
Moodle vulnerable to Uncontrolled Resource Consumption |
| CVE-2021-36394 |
unknown |
— |
— |
|
|
|
3y ago |
Moodle Session Fixation vulnerability |
| CVE-2021-36396 |
unknown |
— |
— |
|
|
|
3y ago |
Moodle vulnerable to Server-Side Request Forgery |
| CVE-2021-36393 |
unknown |
— |
— |
|
|
|
3y ago |
Moodle SQL Injection vulnerability |
| CVE-2023-23921 |
unknown |
— |
— |
|
|
|
3y ago |
Moodle Cross-site Scripting vulnerability |
| CVE-2023-23922 |
unknown |
— |
— |
|
|
|
3y ago |
Moodle Cross-site Scripting vulnerability |
| CVE-2023-23923 |
unknown |
— |
— |
|
|
|
3y ago |
Moodle Improper Access Control vulnerability |
| CVE-2022-45152 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle blind Server-Side Request Forgery (SSRF) vulnerability in LTI provider library |
| CVE-2022-45150 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle reflected cross-site scripting vulnerability in policy tool |
| CVE-2022-45151 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle stored-XSS vulnerability in some "social" user profile fields |
| CVE-2022-45149 |
unknown |
— |
— |
|
|
|
4y ago |
Cross-Site Request Forgery in Moodle |
| CVE-2022-2986 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Cross-Site Request Forgery (CSRF) |
| CVE-2022-40316 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle No groups filtering in H5P activity attempts report |
| CVE-2022-40313 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Stored Cross-site Scripting and page denial of service |
| CVE-2022-40315 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Minor SQL injection risk in admin user browsing |
| CVE-2022-40314 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle remote code execution |
| CVE-2021-40692 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Incorrect Authorization |
| CVE-2021-40693 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle type juggling vulnerability |
| CVE-2021-40691 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Improper Authentication |
| CVE-2021-40695 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Exposure of Sensitive Information to an Unauthorized Actor |
| CVE-2021-40694 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Improper Encoding or Escaping of Output |
| CVE-2021-36568 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Cross-site Scripting vulnerability |
| CVE-2020-14320 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle reflected XSS Vulnerability |
| CVE-2020-1691 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle XSS Vulnerability |
| CVE-2022-35653 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle LTI module reflected XSS risk |
| CVE-2022-35650 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Arbitrary file read when importing lesson questions |
| CVE-2022-35649 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle PostScript Code Injection |
| CVE-2022-35651 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Stored XSS and blind SSRF possible via SCORM track details |
| CVE-2022-35652 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Open redirect risk in mobile auto-login feature |
| CVE-2019-18210 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Persistent Cross-site Scripting (XSS) |
| CVE-2021-43559 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle contains CSRF vulnerability |
| CVE-2021-43560 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Insecure direct object reference (IDOR) in a calendar web service |
| CVE-2021-32244 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Cross Site Scripting (XSS) |
| CVE-2021-20279 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle contains Stored XSS via ID number user profile field |
| CVE-2021-20283 |
unknown |
— |
— |
|
|
|
4y ago |
Missing permission check in Moodle |
| CVE-2021-20282 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Bypass email verification secret when confirming account registration |
| CVE-2021-20186 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Cross-site Scripting |
| CVE-2021-20187 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Arbitrary PHP code execution by site admins via Shibboleth configuration |
| CVE-2021-20184 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Grade information disclosure in grade's external fetch functions |
| CVE-2021-20183 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Vulnerable to Reflected Cross-site Scripting |
| CVE-2021-20185 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Client side denial of service via personal message |
| CVE-2020-25631 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Cross-site Scripting (XSS) |
| CVE-2020-25630 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Denial of Service |
| CVE-2020-25629 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle incorrect access control |
| CVE-2020-25627 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle stored Cross-site Scripting (XSS) |
| CVE-2020-10738 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle vulnerable to RCE |
| CVE-2019-14880 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Oauth 2 Insufficiently Protects Against Compromise |
| CVE-2019-14882 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle open redirect vulnerability |
| CVE-2019-14881 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle XSS Vulnerability |
| CVE-2019-14883 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Email media URL tokens were not checking for user status |
| CVE-2019-14884 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle reflected Cross-site Scripting (XSS) |
| CVE-2019-14879 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle does not revoke role capabilities correctly |
| CVE-2019-10189 |
unknown |
— |
— |
|
|
|
4y ago |
moodle Improper Access Control |
| CVE-2019-10186 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle CSRF Vulnerability |
| CVE-2019-10188 |
unknown |
— |
— |
|
|
|
4y ago |
moodle Improper Access Control |
| CVE-2019-10187 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Ability to delete glossary entries that belong to another glossary |
| CVE-2019-10154 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle all messaging conversations could be viewed |
| CVE-2019-10133 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Open Redirect Vulnerability |
| CVE-2019-10134 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Private files uploaded via incoming mail processing could bypass quota restrictions |
| CVE-2022-30600 |
unknown |
— |
— |
|
|
|
4y ago |
Incorrect Calculation in moodle |
| CVE-2022-30598 |
unknown |
— |
— |
|
|
|
4y ago |
Exposure of Sensitive Information in moodle |
| CVE-2022-30599 |
unknown |
— |
— |
|
|
|
4y ago |
SQL injection in moodle |
| CVE-2022-30596 |
unknown |
— |
— |
|
|
|
4y ago |
Cross-site Scripting in moodle |
| CVE-2022-30597 |
unknown |
— |
— |
|
|
|
4y ago |
External Control of Assumed-Immutable Web Parameter in moodle |
| CVE-2008-5153 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle vulnerable to symlink attack |
| CVE-2018-1044 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Privilege escalation in quiz web services |
| CVE-2018-1045 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle XSS Vulnerability |
| CVE-2018-1135 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Portfolio forum caller class allows a user to download any file |
| CVE-2018-1137 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Portfolio script allows instantiation of class chosen by user |
| CVE-2019-6970 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle SSRF Vulnerability |
| CVE-2018-1136 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Cross-site Scripting |
| CVE-2018-1134 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Improper Privilege Management |
| CVE-2018-1043 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Setting for blocked hosts list can be bypassed with multiple A record hostnames |
| CVE-2018-10890 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Exposure of Sensitive Information to an Unauthorized Actor |
| CVE-2018-10889 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle sensitive information disclosure |
| CVE-2018-14630 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle XML import of ddwtos could lead to intentional remote code execution |
| CVE-2018-14631 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Cross-site Scripting |
| CVE-2018-16854 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Login CSRF vulnerability in login form |
| CVE-2018-1082 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Improper Authentication |
| CVE-2019-3809 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Blind SSRF Risk in /badges/mybackpack.php |
| CVE-2019-3850 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle Stored HTML in assignment submission comments allowed links to be opened directly |
| CVE-2019-3852 |
unknown |
— |
— |
|
|
|
4y ago |
Moodle context freezing |
