Vulnerabilities > Moodle > Moodle > 2.2.7
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-03-25 | CVE-2013-1832 | Information Exposure vulnerability in Moodle repository/webdav/lib.php in Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 includes the WebDAV password in the configuration form, which allows remote authenticated administrators to obtain sensitive information by configuring an instance. | 4.0 |
2013-03-25 | CVE-2013-1831 | Information Exposure vulnerability in Moodle lib/setuplib.php in Moodle through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the absolute path in an exception message. | 5.0 |
2013-03-25 | CVE-2013-1830 | Permissions, Privileges, and Access Controls vulnerability in multiple products user/view.php in Moodle through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 does not enforce the forceloginforprofiles setting, which allows remote attackers to obtain sensitive course-profile information by leveraging the guest role, as demonstrated by a Google search. | 5.0 |