25 matches found
BIT-MOODLE-2022-50943 Moodle LMS 4.0 Cross-Site Scripting via course search.php
Moodle LMS 4.0 contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting payloads through the search parameter. Attackers can inject JavaScript code via the search field in course/search.php to execute arbitrary scripts in users'...
Linux Distros Unpatched Vulnerability : CVE-2022-50943
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Moodle LMS 4.0 contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting payloads through th...
EUVD-2022-55968
Moodle LMS 4.0 contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting payloads through the search parameter. Attackers can inject JavaScript code via the search field in course/search.php to execute arbitrary scripts in users'...
CVE-2022-50943
Moodle LMS 4.0 contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting payloads through the search parameter. Attackers can inject JavaScript code via the search field in course/search.php to execute arbitrary scripts in users'...
CVE-2022-50943
Moodle LMS 4.0 contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting payloads through the search parameter. Attackers can inject JavaScript code via the search field in course/search.php to execute arbitrary scripts in users'...
CVE-2022-50943
Moodle LMS 4.0 contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting payloads through the search parameter. Attackers can inject JavaScript code via the search field in course/search.php to execute arbitrary scripts in users'...
CVE-2022-50943 Moodle LMS 4.0 Cross-Site Scripting via course search.php
Moodle LMS 4.0 contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting payloads through the search parameter. Attackers can inject JavaScript code via the search field in course/search.php to execute arbitrary scripts in users'...
CVE-2022-50943
Moodle LMS 4.0 is affected by a cross-site scripting (XSS) vulnerability in the search parameter of course/search.php. The issue allows unauthenticated attackers to inject JavaScript code that executes in other users’ browsers and can lead to theft of session cookies. The available documents do n...
CVE-2022-50943 Moodle LMS 4.0 Cross-Site Scripting via course search.php
Moodle LMS 4.0 contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting payloads through the search parameter. Attackers can inject JavaScript code via the search field in course/search.php to execute arbitrary scripts in users'...
PT-2026-39472
Name of the Vulnerable Software and Affected Versions Moodle LMS version 4.0 Description An issue allows unauthenticated attackers to inject malicious scripts by submitting payloads through the search parameter. Specifically, JavaScript code can be injected via the search field in the...
EUVD-2025-4270
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-26533
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An SQL injection risk was identified in the module list filter within course search. CVE-2025-26533 Note that Nessus relies on the presence of the package as...
BIT-MOODLE-2025-26533 SQL injection risk in course search module list filter
An SQL injection risk was identified in the module list filter within course search...
GHSA-RG56-94J7-HJX9 Moodle has a SQL injection risk in course search module list filter
An SQL injection risk was identified in the module list filter within course search...
SQL Injection
Overview moodle/moodle is a learning platform. Affected versions of this package are vulnerable to SQL Injection through the module list filter within course search. Remediation Upgrade moodle/moodle to version 4.1.16, 4.3.10, 4.4.6, 4.5.2 or higher. References - Git Commit - Moodle Forum Credit:...
Moodle has a SQL injection risk in course search module list filter
An SQL injection risk was identified in the module list filter within course search...
CVE-2025-26533
An SQL injection risk was identified in the module list filter within course search...
CVE-2025-26533
An SQL injection risk was identified in the module list filter within course search...
UBUNTU-CVE-2025-26533
An SQL injection risk was identified in the module list filter within course search...
CVE-2025-26533 SQL injection risk in course search module list filter
An SQL injection risk was identified in the module list filter within course search...