Moodle : Security Vulnerabilities (CVSS score >= 9)

CVSS Scores Greater Than: 0 1 2 3 4 5 6 7 8 9

Sort Results By : CVE Number Descending CVE Number Ascending CVSS Score Descending Number Of Exploits Descending

#	CVE ID	CWE ID	Vulnerability Type(s)	Publish Date	Update Date	Score	Gained Access Level	Access	Complexity	Authentication	Conf.	Integ.	Avail.
1	CVE-2021-21809		Exec Code	2021-06-23	2022-08-24	9.0	None	Remote	Low	???	Complete	Complete	Complete
A command execution vulnerability exists in the default legacy spellchecker plugin in Moodle 3.10. A specially crafted series of HTTP requests can lead to command execution. An attacker must have administrator privileges to exploit this vulnerabilities.
2	CVE-2006-4936	20		2006-09-23	2020-12-01	10.0	None	Remote	Low	Not required	Complete	Complete	Complete
Moodle before 1.6.2 does not properly validate the module instance id when creating a course module object, which has unspecified impact and remote attack vectors.
3	CVE-2006-4935	20		2006-09-23	2020-12-01	10.0	None	Remote	Low	Not required	Complete	Complete	Complete
The Database module in Moodle before 1.6.2 does not properly handle uploaded files, which has unspecified impact and remote attack vectors.
4	CVE-2005-2247			2005-07-12	2020-12-01	10.0	None	Remote	Low	Not required	Complete	Complete	Complete
Multiple unknown vulnerabilities in Moodle before 1.5.1 have unknown impact and attack vectors.
5	CVE-2004-2237			2004-12-31	2020-12-01	10.0	None	Remote	Low	Not required	Complete	Complete	Complete
Unknown vulnerability in Moodle before 1.3.4 has unknown impact and attack vectors, related to "strings in Moodle texts."
6	CVE-2004-2236			2004-12-31	2020-12-01	10.0	None	Remote	Low	Not required	Complete	Complete	Complete
Unknown vulnerability in Moodle before 1.3.3 has unknown impact and attack vectors, related to language setting.
7	CVE-2004-2235			2004-12-31	2008-09-05	10.0	None	Remote	Low	Not required	Complete	Complete	Complete
Unknown vulnerability in Moodle before 1.2 has unknown impact and attack vectors, related to improper filtering of text.
8	CVE-2004-2233			2004-12-31	2020-12-01	10.0	None	Remote	Low	Not required	Complete	Complete	Complete
Unknown "front page vulnerability with Moodle servers" for Moodle before 1.3.2 has unknown impact and attack vectors.

Total number of vulnerabilities : 8 Page : 1 (This Page)