CVE-2025-67976

Missing Authorization vulnerability in Bob Watu Quiz watu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Watu Quiz: from n/a through = 3.4.5...

EUVD-2023-0921

Malicious code in bioql PyPI...

PT-2024-30580 · Moodle +1 · Moodle +1

Name of the Vulnerable Software and Affected Versions: moodle affected versions not specified Description: A flaw was found in moodle, where external API access to Quiz can override contained insufficient access control. Recommendations: At the moment, there is no information about a newer versio...

BIT-MOODLE-2021-40695

It was possible for a student to view their quiz grade before it had been released, using a quiz web service...

Design/Logic Flaw

An issue was discovered in the fpmasterquiz aka Master-Quiz extension before 2.2.1, and 3.x before 3.5.1, for TYPO3. An attacker can continue the quiz of a different user. In doing so, the attacker can view that user's answers and modify those answers...

CVE-2021-43129

A bypass exists for Desire2Learn/D2L Brightspace’s “Disable Right Click” option in the quizzing feature, which allows a quiz-taker to access print and copy functionality via the browser’s right click menu even when “Disable Right Click” is enabled on the quiz...

Code injection

Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote authenticated users to execute arbitrary code via a calculated question in a quiz...

CVE-2012-2355

This CVE (CVE-2012-2355) affects Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3. The underlying issue is a capability check bypass that allows remote authenticated users to bypass the question:use* requirements and add arbitrary questions to a quiz via the questions feature. The stated impact i...