Vulnerabilities > Moodle

DATE CVE VULNERABILITY TITLE RISK
2018-05-25 CVE-2018-1137 Improper Input Validation vulnerability in Moodle
An issue was discovered in Moodle 3.x.
network
low complexity
moodle CWE-20
8.1
8.1
2018-05-25 CVE-2018-1136 Cross-site Scripting vulnerability in Moodle
An issue was discovered in Moodle 3.x.
network
low complexity
moodle CWE-79
4.3
4.3
2018-05-25 CVE-2018-1135 Information Exposure vulnerability in Moodle
An issue was discovered in Moodle 3.x.
network
low complexity
moodle CWE-200
6.5
6.5
2018-05-25 CVE-2018-1134 Improper Privilege Management vulnerability in Moodle
An issue was discovered in Moodle 3.x.
network
low complexity
moodle CWE-269
6.5
6.5
2018-05-25 CVE-2018-1133 Code Injection vulnerability in Moodle
An issue was discovered in Moodle 3.x.
network
low complexity
moodle CWE-94
8.8
8.8
2018-04-04 CVE-2018-1082 Improper Authentication vulnerability in Moodle
A flaw was found in Moodle 3.4 to 3.4.1, and 3.3 to 3.3.4.
network
high complexity
moodle CWE-287
8.1
8.1
2018-04-04 CVE-2018-1081 Unspecified vulnerability in Moodle
A flaw was found in Moodle 3.4 to 3.4.1, 3.3 to 3.3.4, 3.2 to 3.2.7, 3.1 to 3.1.10 and earlier unsupported versions.
network
low complexity
moodle
5.3
5.3
2018-01-22 CVE-2018-1045 Cross-site Scripting vulnerability in Moodle
In Moodle 3.x, there is XSS via a calendar event name.
network
low complexity
moodle CWE-79
5.4
5.4
2018-01-22 CVE-2018-1044 Information Exposure vulnerability in Moodle
In Moodle 3.x, quiz web services allow students to see quiz results when it is prohibited in the settings.
network
low complexity
moodle CWE-200
4.3
4.3
2018-01-22 CVE-2018-1043 Unspecified vulnerability in Moodle
In Moodle 3.x, the setting for blocked hosts list can be bypassed with multiple A record hostnames.
network
low complexity
moodle
6.5
6.5