Filtered by vendor Moodle
Subscriptions
Total
531 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-5547 | 3 Fedoraproject, Moodle, Redhat | 3 Fedora, Moodle, Enterprise Linux | 2024-09-04 | 3.3 Low |
The course upload preview contained an XSS risk for users uploading unsafe data. | ||||
CVE-2023-5551 | 2 Fedoraproject, Moodle | 3 Extra Packages For Enterprise Linux, Fedora, Moodle | 2024-09-04 | 3.3 Low |
Separate Groups mode restrictions were not honoured in the forum summary report, which would display users from other groups. | ||||
CVE-2023-5539 | 2 Fedoraproject, Moodle | 3 Extra Packages For Enterprise Linux, Fedora, Moodle | 2024-09-03 | 4.7 Medium |
A remote code execution risk was identified in the Lesson activity. By default this was only available to teachers and managers. | ||||
CVE-2024-34008 | 1 Moodle | 1 Moodle | 2024-09-03 | 8.8 High |
Actions in the admin management of analytics models did not include the necessary token to prevent a CSRF risk. | ||||
CVE-2024-38276 | 2 Fedoraproject, Moodle | 2 Fedora, Moodle | 2024-08-08 | 8.8 High |
Incorrect CSRF token checks resulted in multiple CSRF risks. | ||||
CVE-2024-34312 | 1 Moodle | 1 Virtual Programming Lab | 2024-08-08 | 6.1 Medium |
Virtual Programming Lab for Moodle up to v4.2.3 was discovered to contain a cross-site scripting (XSS) vulnerability via the component vplide.js. | ||||
CVE-2004-2235 | 1 Moodle | 1 Moodle | 2024-08-08 | N/A |
Unknown vulnerability in Moodle before 1.2 has unknown impact and attack vectors, related to improper filtering of text. | ||||
CVE-2004-2237 | 1 Moodle | 1 Moodle | 2024-08-08 | N/A |
Unknown vulnerability in Moodle before 1.3.4 has unknown impact and attack vectors, related to "strings in Moodle texts." | ||||
CVE-2004-2233 | 1 Moodle | 1 Moodle | 2024-08-08 | N/A |
Unknown "front page vulnerability with Moodle servers" for Moodle before 1.3.2 has unknown impact and attack vectors. | ||||
CVE-2004-2236 | 1 Moodle | 1 Moodle | 2024-08-08 | N/A |
Unknown vulnerability in Moodle before 1.3.3 has unknown impact and attack vectors, related to language setting. | ||||
CVE-2004-2234 | 1 Moodle | 1 Moodle | 2024-08-08 | N/A |
Unknown vulnerability in Moodle before 1.2 allows teachers to log in as administrators. | ||||
CVE-2004-2232 | 1 Moodle | 1 Moodle | 2024-08-08 | N/A |
SQL injection vulnerability in sql.php in the Glossary module in Moodle 1.4.1 and earlier allows remote attackers to modify SQL statements. | ||||
CVE-2004-1978 | 1 Moodle | 1 Moodle | 2024-08-08 | N/A |
Cross-site scripting (XSS) vulnerability in help.php in Moodle before 1.3 allows remote attackers to inject arbitrary HTML and web script via the text parameter. | ||||
CVE-2004-1711 | 1 Moodle | 1 Moodle | 2024-08-08 | N/A |
Cross-site scripting (XSS) vulnerability in post.php in Moodle before 1.3 allows remote attackers to inject arbitrary web script or HTML via the reply parameter. | ||||
CVE-2004-1425 | 1 Moodle | 1 Moodle | 2024-08-08 | N/A |
Directory traversal vulnerability in file.php in Moodle 1.4.2 and earlier allows remote attackers to read arbitrary session files for known session IDs via a .. (dot dot) in the file parameter. | ||||
CVE-2004-1424 | 1 Moodle | 1 Moodle | 2024-08-08 | N/A |
Cross-site scripting (XSS) vulnerability in view.php in Moodle 1.4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter. | ||||
CVE-2004-0725 | 1 Moodle | 1 Moodle | 2024-08-08 | N/A |
Cross-site scripting (XSS) vulnerability in help.php in Moodle 1.3.2 and 1.4 dev allows remote attackers to inject arbitrary web script or HTML via the file parameter. | ||||
CVE-2005-3649 | 1 Moodle | 1 Moodle | 2024-08-07 | N/A |
jumpto.php in Moodle 1.5.2 allows remote attackers to redirect users to other sites via the jump parameter. | ||||
CVE-2005-3648 | 1 Moodle | 1 Moodle | 2024-08-07 | N/A |
Multiple SQL injection vulnerabilities in the get_record function in datalib.php in Moodle 1.5.2 allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) category.php and (2) info.php. | ||||
CVE-2005-2247 | 1 Moodle | 1 Moodle | 2024-08-07 | N/A |
Multiple unknown vulnerabilities in Moodle before 1.5.1 have unknown impact and attack vectors. |