| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2013-1836 |
264 |
|
|
2013-03-25 |
2013-03-26 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 does not properly manage privileges for WebDAV repositories, which allows remote authenticated users to read, modify, or delete arbitrary site-wide repositories by leveraging certain read access. |
|
2 |
CVE-2013-1835 |
200 |
|
+Info |
2013-03-25 |
2013-03-26 |
3.5 |
None |
Remote |
Medium |
Single system |
Partial |
None |
None |
|
Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote authenticated administrators to obtain sensitive information from the external repositories of arbitrary users by leveraging the login_as feature. |
|
3 |
CVE-2013-1834 |
264 |
|
|
2013-03-25 |
2013-03-26 |
4.0 |
None |
Remote |
Low |
Single system |
None |
Partial |
None |
|
notes/edit.php in Moodle 1.9.x through 1.9.19, 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote authenticated users to reassign notes via a modified (1) userid or (2) courseid field. |
|
4 |
CVE-2013-1833 |
79 |
|
XSS |
2013-03-25 |
2013-03-26 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities in the File Picker module in Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allow remote authenticated users to inject arbitrary web script or HTML via a crafted filename. |
|
5 |
CVE-2013-1832 |
200 |
|
+Info |
2013-03-25 |
2013-03-26 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
repository/webdav/lib.php in Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 includes the WebDAV password in the configuration form, which allows remote authenticated administrators to obtain sensitive information by configuring an instance. |
|
6 |
CVE-2013-1831 |
200 |
|
+Info |
2013-03-25 |
2013-03-26 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
lib/setuplib.php in Moodle through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the absolute path in an exception message. |
|
7 |
CVE-2013-1830 |
264 |
|
+Info |
2013-03-25 |
2013-03-26 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
user/view.php in Moodle through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 does not enforce the forceloginforprofiles setting, which allows remote attackers to obtain sensitive course-profile information by leveraging the guest role, as demonstrated by a Google search. |
|
8 |
CVE-2012-6112 |
264 |
|
|
2013-01-27 |
2013-01-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
classes/GoogleSpell.php in the PHP Spellchecker (aka Google Spellchecker) addon before 2.0.6.1 for TinyMCE, as used in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 and other products, does not properly handle control characters, which allows remote attackers to trigger arbitrary outbound HTTP requests via a crafted string. |
|
9 |
CVE-2012-6105 |
200 |
|
+Info |
2013-01-27 |
2013-01-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
blog/rsslib.php in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 continues to provide a blog RSS feed after blogging is disabled, which allows remote attackers to obtain sensitive information by reading this feed. |
|
10 |
CVE-2012-6099 |
20 |
|
|
2013-01-27 |
2013-01-28 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
The moodle1 backup converter in backup/converter/moodle1/lib.php in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 does not properly validate pathnames, which allows remote authenticated users to read arbitrary files by leveraging the backup-restoration feature. |
|
11 |
CVE-2012-6098 |
264 |
|
|
2013-01-27 |
2013-01-30 |
4.0 |
None |
Remote |
Low |
Single system |
None |
Partial |
None |
|
grade/edit/outcome/edit_form.php in Moodle 1.9.x through 1.9.19, 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 does not properly enforce the moodle/grade:manage capability requirement, which allows remote authenticated users to convert custom outcomes into standard site-wide outcomes by leveraging the teacher role and using the re-editing feature. |
|
12 |
CVE-2012-5480 |
264 |
|
Bypass |
2012-11-21 |
2012-11-21 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
The Database activity module in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2.3.3 allows remote attackers to bypass intended restrictions on reading other participants' entries via an advanced search. |
|
13 |
CVE-2012-5479 |
264 |
|
|
2012-11-21 |
2012-11-21 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
The Portfolio plugin in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2.3.3 allows remote authenticated users to upload and execute files via a modified Portfolio API callback. |
|
14 |
CVE-2012-5473 |
200 |
|
+Info |
2012-11-21 |
2013-01-29 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
The Database activity module in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2.3.3 allows remote authenticated users to read activity entries of a different group's users via an advanced search. |
|
15 |
CVE-2012-5471 |
264 |
|
|
2012-11-21 |
2013-01-29 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
The Dropbox Repository File Picker in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2.3.3 allows remote authenticated users to access the Dropbox of a different user by leveraging an unattended workstation after a logout. |
|
16 |
CVE-2012-4408 |
264 |
|
Bypass |
2012-09-19 |
2012-09-19 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
None |
|
course/reset.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and 2.3.x before 2.3.2 checks an update capability instead of a reset capability, which allows remote authenticated users to bypass intended access restrictions via a reset operation. |
|
17 |
CVE-2012-4407 |
200 |
|
+Info |
2012-09-19 |
2012-09-20 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
lib/filelib.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and 2.3.x before 2.3.2 does not properly check the publication state of blog files, which allows remote attackers to obtain sensitive information by reading a blog entry that references a non-public file. |
|
18 |
CVE-2012-4402 |
264 |
|
|
2012-09-19 |
2012-10-26 |
4.9 |
None |
Remote |
Medium |
Single system |
Partial |
Partial |
None |
|
webservice/lib.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and 2.3.x before 2.3.2 does not properly restrict the use of web-service tokens, which allows remote authenticated users to run arbitrary external-service functions via a token intended for only one service. |
|
19 |
CVE-2012-3398 |
|
|
DoS |
2012-07-23 |
2012-08-09 |
4.0 |
None |
Remote |
Low |
Single system |
None |
None |
Partial |
|
Algorithmic complexity vulnerability in Moodle 1.9.x before 1.9.19, 2.0.x before 2.0.10, 2.1.x before 2.1.7, and 2.2.x before 2.2.4 allows remote authenticated users to cause a denial of service (CPU consumption) by using the advanced-search feature on a database activity that has many records. |
|
20 |
CVE-2012-3397 |
264 |
|
Bypass |
2012-07-23 |
2012-07-24 |
4.0 |
None |
Remote |
Low |
Single system |
None |
Partial |
None |
|
lib/modinfolib.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, 2.2.x before 2.2.4, and 2.3.x before 2.3.1 does not check for a group-membership requirement when determining whether an activity is unavailable or hidden, which allows remote authenticated users to bypass intended access restrictions by selecting an activity that is configured for a group of other users. |
|
21 |
CVE-2012-3396 |
79 |
|
XSS |
2012-07-23 |
2012-07-24 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in cohort/edit_form.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, 2.2.x before 2.2.4, and 2.3.x before 2.3.1 allows remote authenticated administrators to inject arbitrary web script or HTML via the idnumber field. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-2365. |
|
22 |
CVE-2012-3395 |
89 |
|
Exec Code Sql |
2012-07-23 |
2012-08-09 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
SQL injection vulnerability in mod/feedback/complete.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, and 2.2.x before 2.2.4 allows remote authenticated users to execute arbitrary SQL commands via crafted form data. |
|
23 |
CVE-2012-3394 |
200 |
|
+Info |
2012-07-23 |
2012-07-24 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
auth/ldap/ntlmsso_attempt.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, 2.2.x before 2.2.4, and 2.3.x before 2.3.1 redirects users from an https LDAP login URL to an http URL, which allows remote attackers to obtain sensitive information by sniffing the network. |
|
24 |
CVE-2012-3393 |
79 |
|
XSS |
2012-07-23 |
2012-07-24 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in repository/lib.php in Moodle 2.1.x before 2.1.7 and 2.2.x before 2.2.4 allows remote authenticated administrators to inject arbitrary web script or HTML by renaming a repository. |
|
25 |
CVE-2012-3392 |
16 |
|
Bypass |
2012-07-23 |
2012-07-24 |
5.5 |
None |
Remote |
Low |
Single system |
None |
Partial |
Partial |
|
mod/forum/unsubscribeall.php in Moodle 2.1.x before 2.1.7 and 2.2.x before 2.2.4 does not consider whether a forum is optional, which allows remote authenticated users to bypass forum-subscription requirements by leveraging the student role and unsubscribing from all forums. |
|
26 |
CVE-2012-3391 |
264 |
|
Bypass |
2012-07-23 |
2012-07-24 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
mod/forum/rsslib.php in Moodle 2.1.x before 2.1.7 and 2.2.x before 2.2.4 does not properly implement the requirement for posting before reading a Q&A forum, which allows remote authenticated users to bypass intended access restrictions by leveraging the student role and reading the RSS feed for a forum. |
|
27 |
CVE-2012-3390 |
264 |
|
+Info |
2012-07-23 |
2012-08-09 |
3.5 |
None |
Remote |
Medium |
Single system |
Partial |
None |
None |
|
lib/filelib.php in Moodle 2.1.x before 2.1.7 and 2.2.x before 2.2.4 does not properly restrict file access after a block has been hidden, which allows remote authenticated users to obtain sensitive information by reading a file that is embedded in a block. |
|
28 |
CVE-2012-2367 |
264 |
|
Bypass |
2012-07-20 |
2012-10-30 |
4.0 |
None |
Remote |
Low |
Single system |
None |
Partial |
None |
|
Moodle 1.9.x before 1.9.18, 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to bypass the moodle/calendar:manageownentries capability requirement and add a calendar entry via a New Entry action. |
|
29 |
CVE-2012-2366 |
|
|
|
2012-07-20 |
2012-07-23 |
5.5 |
None |
Remote |
Low |
Single system |
None |
Partial |
Partial |
|
mod/data/preset.php in Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 does not properly iterate through an array, which allows remote authenticated users to overwrite arbitrary database activity presets via unspecified vectors. |
|
30 |
CVE-2012-2365 |
79 |
|
XSS |
2012-07-20 |
2012-10-30 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to inject arbitrary web script or HTML via the idnumber field to cohort/edit.php. |
|
31 |
CVE-2012-2364 |
79 |
|
XSS |
2012-07-20 |
2012-07-23 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in lib/filelib.php in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to inject arbitrary web script or HTML via an assignment submission with zip compression, leading to text/html rendering during a "download all" action. |
|
32 |
CVE-2012-2361 |
79 |
|
XSS |
2012-07-20 |
2012-07-23 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in admin/webservice/forms.php in the web services implementation in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to inject arbitrary web script or HTML via the name field (aka the service name) to admin/webservice/service.php. |
|
33 |
CVE-2012-2360 |
79 |
|
XSS |
2012-07-20 |
2012-07-23 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the Wiki subsystem in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted string that is inserted into a page title. |
|
34 |
CVE-2012-2359 |
264 |
|
+Priv |
2012-07-20 |
2012-07-23 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
admin/roles/override.php in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to gain privileges by leveraging the teacher role and modifying their own capabilities, as demonstrated by obtaining the backup:userinfo capability. |
|
35 |
CVE-2012-2358 |
264 |
|
Bypass |
2012-07-20 |
2012-07-23 |
5.5 |
None |
Remote |
Low |
Single system |
None |
Partial |
Partial |
|
Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to bypass an activity's read-only state and modify the database by leveraging the student role and editing database activity entries that already exist. |
|
36 |
CVE-2012-2357 |
200 |
|
+Info |
2012-07-20 |
2012-07-23 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The Multi-Authentication feature in the Central Authentication Service (CAS) functionality in auth/cas/cas_form.html in Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 does not use HTTPS, which allows remote attackers to obtain credentials by sniffing the network. |
|
37 |
CVE-2012-2356 |
264 |
|
Bypass |
2012-07-20 |
2012-07-23 |
4.0 |
None |
Remote |
Low |
Single system |
None |
Partial |
None |
|
The question-bank functionality in Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to bypass intended capability requirements and save questions via a save_question action. |
|
38 |
CVE-2012-2355 |
264 |
|
Bypass |
2012-07-20 |
2012-07-23 |
4.0 |
None |
Remote |
Low |
Single system |
None |
Partial |
None |
|
Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to bypass question:use* capability requirements and add arbitrary questions to a quiz via the questions feature. |
|
39 |
CVE-2012-2354 |
264 |
|
Bypass |
2012-07-20 |
2012-07-23 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to bypass the moodle/site:readallmessages capability requirement and read arbitrary messages by using the "Recent conversations" feature with a modified parameter in a URL. |
|
40 |
CVE-2012-2353 |
200 |
|
+Info |
2012-07-20 |
2012-08-09 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to obtain sensitive user information from hidden fields by leveraging the teacher role and navigating to "Enrolled users" under the Users Settings section. |
|
41 |
CVE-2012-0801 |
20 |
|
|
2012-07-17 |
2012-07-17 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
lib/formslib.php in Moodle 2.1.x before 2.1.4 and 2.2.x before 2.2.1 does not properly handle multiple instances of a form element, which has unspecified impact and remote attack vectors. |
|
42 |
CVE-2012-0800 |
200 |
|
+Info |
2012-07-17 |
2012-07-17 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
The form-autocompletion functionality in Moodle 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 makes it easier for physically proximate attackers to discover passwords by reading the contents of a non-password field, as demonstrated by accessing a create-groups page with Safari on an iPad device. |
|
43 |
CVE-2012-0799 |
200 |
|
+Info |
2012-07-17 |
2012-07-17 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Moodle 2.0.x before 2.0.7 and 2.1.x before 2.1.4, when an anonymous front-page forum is enabled, allows remote attackers to obtain session keys for their sessions by visiting the front page. |
|
44 |
CVE-2012-0798 |
264 |
|
|
2012-07-17 |
2012-07-17 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
None |
|
The self-enrolment functionality in Moodle 2.1.x before 2.1.4 and 2.2.x before 2.2.1 allows remote authenticated users to obtain the manager role by leveraging the teacher role. |
|
45 |
CVE-2012-0797 |
16 |
|
Bypass |
2012-07-17 |
2012-09-14 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
None |
|
The webservices functionality in Moodle 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 allows remote authenticated users to bypass the deleted status and continue using a server via a token. |
|
46 |
CVE-2012-0796 |
94 |
|
|
2012-07-17 |
2012-07-17 |
4.0 |
None |
Remote |
Low |
Single system |
None |
Partial |
None |
|
class.phpmailer.php in the PHPMailer library, as used in Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 and other products, allows remote authenticated users to inject arbitrary e-mail headers via vectors involving a crafted (1) From: or (2) Sender: header. |
|
47 |
CVE-2012-0795 |
20 |
|
|
2012-07-17 |
2012-07-17 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 does not validate e-mail address settings, which allows remote authenticated users to have an unspecified impact via a crafted address. |
|
48 |
CVE-2012-0794 |
255 |
|
|
2012-07-17 |
2012-07-17 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The rc4encrypt function in lib/moodlelib.php in Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 uses a hardcoded password of nfgjeingjk, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by reading this script's source code within the open-source software distribution. |
|
49 |
CVE-2012-0793 |
264 |
|
|
2012-07-17 |
2012-07-17 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 allows remote attackers to view the profile images of arbitrary user accounts via unspecified vectors. |
|
50 |
CVE-2011-4593 |
200 |
|
+Info |
2012-07-20 |
2012-07-23 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 does not properly handle user/action_redir group messages, which allows remote authenticated users to discover e-mail addresses by visiting the messaging interface. |
