Vulnerabilities > Moodle

DATE CVE VULNERABILITY TITLE RISK
2018-09-17 CVE-2018-14630 Code Injection vulnerability in Moodle
moodle before versions 3.5.2, 3.4.5, 3.3.8, 3.1.14 is vulnerable to an XML import of ddwtos could lead to intentional remote code execution.
network
low complexity
moodle CWE-94
8.8
8.8
2018-07-10 CVE-2018-10891 Unspecified vulnerability in Moodle
A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7, 3.1.13.
network
low complexity
moodle
7.3
7.3
2018-07-10 CVE-2018-10890 Information Exposure vulnerability in Moodle
A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7, 3.1.13.
network
low complexity
moodle CWE-200
5.3
5.3
2018-07-10 CVE-2018-10889 Information Exposure Through Log Files vulnerability in Moodle
A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7.
network
low complexity
moodle CWE-532
5.3
5.3
2018-05-25 CVE-2018-1137 Improper Input Validation vulnerability in Moodle
An issue was discovered in Moodle 3.x.
network
low complexity
moodle CWE-20
8.1
8.1
2018-05-25 CVE-2018-1136 Cross-site Scripting vulnerability in Moodle
An issue was discovered in Moodle 3.x.
network
low complexity
moodle CWE-79
4.3
4.3
2018-05-25 CVE-2018-1135 Information Exposure vulnerability in Moodle
An issue was discovered in Moodle 3.x.
network
low complexity
moodle CWE-200
6.5
6.5
2018-05-25 CVE-2018-1134 Improper Privilege Management vulnerability in Moodle
An issue was discovered in Moodle 3.x.
network
low complexity
moodle CWE-269
6.5
6.5
2018-05-25 CVE-2018-1133 Code Injection vulnerability in Moodle
An issue was discovered in Moodle 3.x.
network
low complexity
moodle CWE-94
8.8
8.8
2018-04-04 CVE-2018-1082 Improper Authentication vulnerability in Moodle
A flaw was found in Moodle 3.4 to 3.4.1, and 3.3 to 3.3.4.
network
high complexity
moodle CWE-287
8.1
8.1