Vulners
Lucene search
CVE-2017-2641
🗓️ 26 Mar 2017 18:00:00Reported by redhatType 
cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 103 Views🌐 WEB
| Reporter | Title | Published | Views | Family All 30 |
|---|---|---|---|---|
 | Moodle 2.x/3.x - SQL Injection Exploit | 7 Apr 201700:00 | – | zdt |
 | Moodle 3.0.x < 3.0.9 RCE | 20 Mar 201700:00 | – | nessus |
| Fedora 25 : moodle (2017-0196511d58) | 3 Apr 201700:00 | – | nessus |
| Fedora 24 : moodle (2017-0fcaf52f1a) | 3 Apr 201700:00 | – | nessus |
| Fedora 26 : moodle (2017-d5dbc23747) | 17 Jul 201700:00 | – | nessus |
 | CVE-2017-2641 | 24 Apr 202421:45 | – | circl |
 | Moodle SQL Injection Vulnerability (CNVD-2017-04275) | 22 Mar 201700:00 | – | cnvd |
 | Moodle Remote Code Execution (CVE-2017-2641) | 8 May 201700:00 | – | checkpoint_advisories |
 | CVE-2017-2641 | 26 Mar 201718:00 | – | cvelist |
 | Moodle 2.x/3.x - SQL Injection | 6 Apr 201700:00 | – | exploitdb |
10
Node
OROROROROROROROROROROROROROROROROROROROROROROROROROROROROROROROROROROROROROROROROROROROROROROROROROROR
[
{
"product": "Moodle 2.x and 3.x",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Moodle 2.x and 3.x"
}
]
}
]| Source | Link |
|---|---|
| securitytracker | www.securitytracker.com/id/1038174 |
| securityfocus | www.securityfocus.com/bid/96977 |
| moodle | www.moodle.org/mod/forum/discuss.php |
| exploit-db | www.exploit-db.com/exploits/41828/ |
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| function_name | request body | service.php | Exploits Moodle's Ajax External Functions via service.php by supplying the name of the registered external function to be invoked | CWE-89 |
| pref | request body | setuserpref.php | Exploits updating user preferences through the Ajax interface to modify allowed preferences | CWE-89 |
| value | request body | setuserpref.php | Exploits updating user preferences through the Ajax interface to modify allowed preferences | CWE-89 |
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
13 May 2026 00:24Current
9.7High risk
Vulners AI Score9.7
CVSS 27.5
CVSS 39.8
EPSS0.01895