Vulnerabilities > Moodle

DATE CVE VULNERABILITY TITLE RISK
2019-11-14 CVE-2012-1160 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
Moodle before 2.2.2 has a permission issue in Forum Subscriptions where unenrolled users can subscribe/unsubscribe via mod/forum/index.php
network
low complexity
moodle fedoraproject CWE-732
2.7
2.7
2019-11-14 CVE-2012-1159 Information Exposure vulnerability in multiple products
Moodle before 2.2.2: Overview report allows users to see hidden courses
network
low complexity
moodle fedoraproject CWE-200
4.3
4.3
2019-11-14 CVE-2012-1158 Information Exposure vulnerability in multiple products
Moodle before 2.2.2 has a course information leak in gradebook where users are able to see hidden grade items in export
network
low complexity
moodle fedoraproject CWE-200
4.3
4.3
2019-11-14 CVE-2012-1157 Incorrect Default Permissions vulnerability in multiple products
Moodle before 2.2.2 has a default repository capabilities issue where all repositories are viewable by all users by default
network
low complexity
moodle fedoraproject CWE-276
4.3
4.3
2019-11-14 CVE-2012-1168 Improper Input Validation vulnerability in multiple products
Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the user password is reset if not specified.
network
low complexity
moodle fedoraproject redhat CWE-20
8.2
8.2
2019-11-14 CVE-2012-1156 Information Exposure Through Log Files vulnerability in multiple products
Moodle before 2.2.2 has users' private files included in course backups
network
low complexity
moodle fedoraproject redhat CWE-532
7.5
7.5
2019-11-14 CVE-2012-1155 Information Exposure vulnerability in multiple products
Moodle has a database activity export permission issue where the export function of the database activity module exports all entries even those from groups the user does not belong to
network
low complexity
moodle fedoraproject redhat debian CWE-200
7.5
7.5
2019-07-31 CVE-2019-10189 Unspecified vulnerability in Moodle
A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7.
network
low complexity
moodle
4.3
4.3
2019-07-31 CVE-2019-10188 Unspecified vulnerability in Moodle
A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7.
network
low complexity
moodle
4.3
4.3
2019-07-31 CVE-2019-10187 Missing Authorization vulnerability in Moodle
A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7.
network
low complexity
moodle CWE-862
4.3
4.3