Vulnerabilities > Moodle > Moodle > 3.4.0

DATE CVE VULNERABILITY TITLE RISK
2018-07-10 CVE-2018-10889 Information Exposure Through Log Files vulnerability in Moodle
A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7.
network
low complexity
moodle CWE-532
5.0
5.0
2018-05-25 CVE-2018-1137 Improper Input Validation vulnerability in Moodle
An issue was discovered in Moodle 3.x.
network
low complexity
moodle CWE-20
5.5
5.5
2018-05-25 CVE-2018-1136 Cross-site Scripting vulnerability in Moodle
An issue was discovered in Moodle 3.x.
network
low complexity
moodle CWE-79
4.0
4.0
2018-05-25 CVE-2018-1135 Information Exposure vulnerability in Moodle
An issue was discovered in Moodle 3.x.
network
low complexity
moodle CWE-200
4.0
4.0
2018-05-25 CVE-2018-1134 Improper Privilege Management vulnerability in Moodle
An issue was discovered in Moodle 3.x.
network
low complexity
moodle CWE-269
4.0
4.0
2018-05-25 CVE-2018-1133 Code Injection vulnerability in Moodle
An issue was discovered in Moodle 3.x.
network
low complexity
moodle CWE-94
6.5
6.5
2018-04-04 CVE-2018-1082 Improper Authentication vulnerability in Moodle
A flaw was found in Moodle 3.4 to 3.4.1, and 3.3 to 3.3.4.
network
moodle CWE-287
6.8
6.8
2018-04-04 CVE-2018-1081 Unspecified vulnerability in Moodle
A flaw was found in Moodle 3.4 to 3.4.1, 3.3 to 3.3.4, 3.2 to 3.2.7, 3.1 to 3.1.10 and earlier unsupported versions.
network
low complexity
moodle
5.0
5.0
2018-01-22 CVE-2018-1044 Information Exposure vulnerability in Moodle
In Moodle 3.x, quiz web services allow students to see quiz results when it is prohibited in the settings.
network
low complexity
moodle CWE-200
4.0
4.0
2018-01-22 CVE-2018-1043 Unspecified vulnerability in Moodle
In Moodle 3.x, the setting for blocked hosts list can be bypassed with multiple A record hostnames.
network
low complexity
moodle
4.0
4.0