| CVE-2017-2641 |
critical |
9.8 |
10.0 |
EXP |
|
moodle |
9y ago |
Moodle SQL injection via user preferences |
| CVE-2015-3179 |
low |
— |
3.5 |
|
|
moodle |
11y ago |
Moodle allows attackers to bypass intended login restrictions |
| CVE-2015-3178 |
low |
— |
3.5 |
|
|
moodle |
11y ago |
Moodle cross-site scripting (XSS) vulnerability |
| CVE-2015-3177 |
low |
— |
3.5 |
|
|
moodle |
11y ago |
Moodle 2.8.x before 2.8.6 does not consider the tool/monitor:subscribe capability before entering subscriptions to site-wide event-monitor rules, which allows remote authenticated users to obtain sen… |
| CVE-2015-3174 |
low |
— |
3.5 |
|
|
moodle |
11y ago |
Moodle does not set the RISK_XSS bit for graders |
| CVE-2015-2273 |
low |
— |
3.5 |
|
|
moodle |
11y ago |
Moodle cross-site scripting (XSS) vulnerability |
| CVE-2015-2269 |
low |
— |
4.5 |
EXP |
|
moodle |
11y ago |
Moodle XSS Vulnerability |
| CVE-2015-0216 |
low |
— |
3.5 |
|
|
moodle |
11y ago |
Moodle does not set the RISK_XSS bit for graders |
| CVE-2015-0212 |
low |
— |
3.5 |
|
|
moodle |
11y ago |
Moodle cross-site scripting (XSS) vulnerability |
| CVE-2014-7835 |
low |
— |
2.1 |
|
|
moodle |
12y ago |
Moodle allows attackers to upload files containing JavaScript |
| CVE-2014-7830 |
low |
— |
3.5 |
|
|
moodle |
12y ago |
Moodle cross-site scripting (XSS) vulnerability |
| CVE-2014-3551 |
low |
— |
3.5 |
|
|
moodle |
12y ago |
Moodle multiple cross-site scripting (XSS) vulnerabilities |
| CVE-2014-3544 |
low |
— |
4.5 |
EXP |
|
moodle |
12y ago |
Moodle cross-site scripting (XSS) vulnerability |
| CVE-2014-2571 |
low |
— |
3.5 |
|
|
moodle |
12y ago |
Moodle cross-site scripting (XSS) vulnerability |
| CVE-2013-4525 |
low |
— |
3.5 |
|
|
moodle |
13y ago |
Cross-site scripting (XSS) vulnerability in mod/quiz/report/responses/responses_table.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 allows remote authe… |
| CVE-2013-4523 |
low |
— |
3.5 |
|
|
moodle |
13y ago |
Cross-site scripting (XSS) vulnerability in message/lib.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 allows remote authenticated users to inject arbit… |
| CVE-2013-1835 |
low |
— |
3.5 |
|
|
moodle |
13y ago |
Moodle's login_as feature leaks information from external repositories |
| CVE-2013-1833 |
low |
— |
3.5 |
|
|
moodle |
13y ago |
Moodle Multiple cross-site scripting (XSS) vulnerabilities in the File Picker module |
| CVE-2012-3396 |
low |
— |
3.5 |
|
|
moodle |
14y ago |
Cross-site scripting (XSS) vulnerability in cohort/edit_form.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, 2.2.x before 2.2.4, and 2.3.x before 2.3.1 allows remote authenticated administrato… |
| CVE-2012-3393 |
low |
— |
3.5 |
|
|
moodle |
14y ago |
Cross-site scripting (XSS) vulnerability in repository/lib.php in Moodle 2.1.x before 2.1.7 and 2.2.x before 2.2.4 allows remote authenticated administrators to inject arbitrary web script or HTML by… |
| CVE-2012-3390 |
low |
— |
3.5 |
|
|
moodle |
14y ago |
lib/filelib.php in Moodle 2.1.x before 2.1.7 and 2.2.x before 2.2.4 does not properly restrict file access after a block has been hidden, which allows remote authenticated users to obtain sensitive i… |
| CVE-2012-2365 |
low |
— |
3.5 |
|
|
moodle |
14y ago |
Cross-site scripting (XSS) vulnerability in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to inject arbitrary web script or HTML via the idnu… |
| CVE-2012-2364 |
low |
— |
3.5 |
|
|
moodle |
14y ago |
Cross-site scripting (XSS) vulnerability in lib/filelib.php in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to inject arbitrary web script o… |
| CVE-2012-2362 |
low |
— |
2.6 |
|
|
moodle |
14y ago |
Cross-site scripting (XSS) vulnerability in blog/lib.php in the blog implementation in Moodle 1.9.x before 1.9.18, when Internet Explorer is used, allows remote attackers to inject arbitrary web scri… |
| CVE-2012-2361 |
low |
— |
3.5 |
|
|
moodle |
14y ago |
Cross-site scripting (XSS) vulnerability in admin/webservice/forms.php in the web services implementation in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authen… |
| CVE-2012-2360 |
low |
— |
3.5 |
|
|
moodle |
14y ago |
Cross-site scripting (XSS) vulnerability in the Wiki subsystem in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to inject arbitrary web scrip… |
| CVE-2012-0800 |
low |
— |
2.1 |
|
|
moodle |
14y ago |
The form-autocompletion functionality in Moodle 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 makes it easier for physically proximate attackers to discover passwords by reading the … |
