Lucene search
K

15 matches found

OSV
OSV
added 2024/03/06 11:10 a.m.16 views

BIT-MOODLE-2021-32476

A denial-of-service risk was identified in the draft files area, due to it not respecting user file upload limits. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected...

7.5CVSS6.6AI score0.01047EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/02/20 12:0 a.m.49 views

Moodle 3.5.x < 3.5.18 Multiple Vulnerabilities

The version of Moodle installed on the remote host is 3.5.x prior to 3.5.18, 3.8.x prior to 3.8.9, 3.9.x prior to 3.9.7 or 3.10.x prior to 3.10.4. It is, therefore, affected by multiple vulnerabilities: - An authorization issue allowing teachers to export a CSV file containing forums from all...

7.5CVSS7.1AI score0.01157EPSS
Exploits0References15
NVD
NVD
added 2022/03/11 6:15 p.m.31 views

CVE-2021-32475

ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk. Moodle 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected...

5.4CVSS0.00569EPSS
Exploits0References1
OSV
OSV
added 2022/03/11 6:15 p.m.26 views

CVE-2021-32473

It was possible for a student to view their quiz grade before it had been released, using a quiz web service. Moodle 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected...

5.3CVSS6.6AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2022/03/11 6:15 p.m.45 views

CVE-2021-32474

An SQL injection risk existed on sites with MNet enabled and configured, via an XML-RPC call from the connected peer host. Note that this required site administrator access or access to the keypair. Moodle 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions...

7.2CVSS7.2AI score0.0089EPSS
Exploits0References2
Prion
Prion
added 2022/03/11 6:15 p.m.25 views

Cross site scripting

ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk. Moodle 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected...

3.5CVSS5AI score0.00569EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/03/11 5:54 p.m.103 views

CVE-2021-32474

CVE-2021-32474 is an SQL injection vulnerability in Moodle when MNet is enabled, exploitable via an XML-RPC call from a connected peer. The issue requires site administrator access or access to the keypair. Affected Moodle versions include 3.10 up to 3.10.3, 3.9 up to 3.9.6, 3.8 up to 3.8.8, 3.5 ...

7.2CVSS6.7AI score0.0089EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/03/11 5:54 p.m.31 views

CVE-2021-32475

ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk. Moodle 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected...

5.6AI score0.00569EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/11/08 12:0 a.m.7 views

PT-2020-16163 · Moodle +1 · Moodle +1

Name of the Vulnerable Software and Affected Versions: Moodle versions 3.5 to 3.5.14 Moodle versions 3.7 to 3.7.8 Moodle versions 3.8 to 3.8.5 Moodle versions 3.9 to 3.9.2 Description: The upload course tool in Moodle contains an issue where deleting a non-existent or disabled enrollment method...

9.8CVSS6.3AI score0.52299EPSS
Exploits19References145
Positive Technologies
Positive Technologies
added 2020/05/10 12:0 a.m.6 views

PT-2020-12303 · Moodle +1 · Moodle +1

Name of the Vulnerable Software and Affected Versions: Moodle versions 3.8 before 3.8.3 Moodle versions 3.7 before 3.7.6 Moodle versions 3.6 before 3.6.10 Moodle versions 3.5 before 3.5.12 Moodle earlier unsupported versions Description: A flaw was found in Moodle that allows creating a SCORM...

8.8CVSS5.9AI score0.03083EPSS
Exploits0References22
OSV
OSV
added 2020/03/18 1:15 p.m.18 views

CVE-2019-14884

A vulnerability was found in Moodle 3.7 before 3.73, 3.6 before 3.6.7 and 3.5 before 3.5.9, where a reflected XSS possible from some fatal error messages...

6.1CVSS5.8AI score0.00909EPSS
Exploits0References2
OSV
OSV
added 2019/03/21 4:1 p.m.21 views

CVE-2019-6970

Moodle 3.5.x before 3.5.4 allows SSRF...

7.5CVSS6.8AI score0.01201EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2019/03/21 4:1 p.m.17 views

CVE-2019-6970

Moodle 3.5.x before 3.5.4 allows SSRF...

7.5CVSS7.1AI score0.01201EPSS
Exploits0References1
Prion
Prion
added 2019/03/21 4:1 p.m.16 views

Server side request forgery (ssrf)

Moodle 3.5.x before 3.5.4 allows SSRF...

6CVSS7.5AI score0.01201EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/03/18 8:28 p.m.27 views

CVE-2019-6970

Moodle 3.5.x before 3.5.4 allows SSRF...

7.5AI score0.01201EPSS
Exploits0References3
Rows per page
Query Builder