14 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-3640
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Moodle. Insufficient capability checks made it possible for a user enrolled in a course to access some details, such as the full name and...
PT-2024-16914 · WordPress · The Tutor Lms
Name of the Vulnerable Software and Affected Versions: The Tutor LMS – eLearning and online course solution plugin for WordPress versions up to, and including, 2.6.0 Description: The issue allows authenticated attackers with subscriber access or higher to interact with questions in courses they a...
SUSE CVE-2015-5339
The coreenrolgetenrolledusers web service in enrol/externallib.php in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 does not properly implement group-based access restrictions, which allows remote authenticated users to obtain sensitive course-participant...
CVE-2020-1692
A flaw was found in moodle. Users' web service tokens could be exposed to other users enrolled in the same course, who have the ability to share HTML content. The highest threat from this vulnerability is to data confidentiality and integrity...
GHSA-9328-7PCW-VW69 Cross-Site Request Forgery in Moodle
Moodle before version 3.7.2 is vulnerable to information exposure of service tokens for users enrolled in the same course...
CVE-2020-1692
Moodle before version 3.7.2 is vulnerable to information exposure of service tokens for users enrolled in the same course...
Information Disclosure Via Privilege Escalation
Moodle is vulnerable to information disclosure through privilege escalation attacks. Sensitive information from hidden fields is accessible to authenticated users when a user with the Teacher role navigates to the Enrolled users page in user settings...
Moodle 1.9.x < 1.9.17 Multiple Vulnerabilities
Binary data 9429.prm...
UBUNTU-CVE-2015-5339
The coreenrolgetenrolledusers web service in enrol/externallib.php in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 does not properly implement group-based access restrictions, which allows remote authenticated users to obtain sensitive course-participant...
Secure Mail Error: "Cannot Safely connect to the server. The server certificate is not trusted."
New Users: When attempting to connect to Secure Mail, new users encounter the following error message: "Cannot safely connect to the server. The server's certificate is not trusted." Already Enrolled Users: Already enrolled users experience the error message: "Access to your company network is no...
CVE-2012-2353
Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to obtain sensitive user information from hidden fields by leveraging the teacher role and navigating to "Enrolled users" under the Users Settings section...
CVE-2012-2353
Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to obtain sensitive user information from hidden fields by leveraging the teacher role and navigating to "Enrolled users" under the Users Settings section...
Stack overflow
Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to obtain sensitive user information from hidden fields by leveraging the teacher role and navigating to "Enrolled users" under the Users Settings section...
UBUNTU-CVE-2012-2353
Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to obtain sensitive user information from hidden fields by leveraging the teacher role and navigating to "Enrolled users" under the Users Settings section...