Moodle
by Moodle
Source repositories
CVEs (570)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2004-2234 | 0.00 | — | 0.01 | Dec 31, 2004 | Unknown vulnerability in Moodle before 1.2 allows teachers to log in as administrators. | |||
| CVE-2004-2233 | 0.00 | — | 0.02 | Dec 31, 2004 | Unknown "front page vulnerability with Moodle servers" for Moodle before 1.3.2 has unknown impact and attack vectors. | |||
| CVE-2004-2232 | 0.00 | — | 0.01 | Dec 31, 2004 | SQL injection vulnerability in sql.php in the Glossary module in Moodle 1.4.1 and earlier allows remote attackers to modify SQL statements. | |||
| CVE-2004-2236 | 0.00 | — | 0.01 | Dec 31, 2004 | Unknown vulnerability in Moodle before 1.3.3 has unknown impact and attack vectors, related to language setting. | |||
| CVE-2004-1425 | 0.00 | — | 0.02 | Dec 31, 2004 | Directory traversal vulnerability in file.php in Moodle 1.4.2 and earlier allows remote attackers to read arbitrary session files for known session IDs via a .. (dot dot) in the file parameter. | |||
| CVE-2004-1424 | 0.00 | — | 0.01 | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in view.php in Moodle 1.4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter. | |||
| CVE-2004-2237 | 0.00 | — | 0.02 | Dec 31, 2004 | Unknown vulnerability in Moodle before 1.3.4 has unknown impact and attack vectors, related to "strings in Moodle texts." | |||
| CVE-2004-2235 | 0.00 | — | 0.01 | Dec 31, 2004 | Unknown vulnerability in Moodle before 1.2 has unknown impact and attack vectors, related to improper filtering of text. | |||
| CVE-2004-1711 | 0.00 | — | 0.01 | Aug 6, 2004 | Cross-site scripting (XSS) vulnerability in post.php in Moodle before 1.3 allows remote attackers to inject arbitrary web script or HTML via the reply parameter. | |||
| CVE-2004-0725 | 0.00 | — | 0.04 | Jul 27, 2004 | Cross-site scripting (XSS) vulnerability in help.php in Moodle 1.3.2 and 1.4 dev allows remote attackers to inject arbitrary web script or HTML via the file parameter. |
- CVE-2004-2234Dec 31, 2004risk 0.00cvss —epss 0.01
Unknown vulnerability in Moodle before 1.2 allows teachers to log in as administrators.
- CVE-2004-2233Dec 31, 2004risk 0.00cvss —epss 0.02
Unknown "front page vulnerability with Moodle servers" for Moodle before 1.3.2 has unknown impact and attack vectors.
- CVE-2004-2232Dec 31, 2004risk 0.00cvss —epss 0.01
SQL injection vulnerability in sql.php in the Glossary module in Moodle 1.4.1 and earlier allows remote attackers to modify SQL statements.
- CVE-2004-2236Dec 31, 2004risk 0.00cvss —epss 0.01
Unknown vulnerability in Moodle before 1.3.3 has unknown impact and attack vectors, related to language setting.
- CVE-2004-1425Dec 31, 2004risk 0.00cvss —epss 0.02
Directory traversal vulnerability in file.php in Moodle 1.4.2 and earlier allows remote attackers to read arbitrary session files for known session IDs via a .. (dot dot) in the file parameter.
- CVE-2004-1424Dec 31, 2004risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in view.php in Moodle 1.4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter.
- CVE-2004-2237Dec 31, 2004risk 0.00cvss —epss 0.02
Unknown vulnerability in Moodle before 1.3.4 has unknown impact and attack vectors, related to "strings in Moodle texts."
- CVE-2004-2235Dec 31, 2004risk 0.00cvss —epss 0.01
Unknown vulnerability in Moodle before 1.2 has unknown impact and attack vectors, related to improper filtering of text.
- CVE-2004-1711Aug 6, 2004risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in post.php in Moodle before 1.3 allows remote attackers to inject arbitrary web script or HTML via the reply parameter.
- CVE-2004-0725Jul 27, 2004risk 0.00cvss —epss 0.04
Cross-site scripting (XSS) vulnerability in help.php in Moodle 1.3.2 and 1.4 dev allows remote attackers to inject arbitrary web script or HTML via the file parameter.
Page 29 of 29