Moodle: All CVEs
570 total · sorted by risk

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-5264 | | Med | 0.28 | 5.4 | 0.01 | | Feb 22, 2016 | The lesson module in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 allows remote authenticated users to bypass intended access restrictions and enter additional answer attempts by leveraging the student role. |
| CVE-2015-3273 | | Med | 0.28 | 4.3 | 0.01 | | Feb 22, 2016 | mod/forum/post.php in Moodle 2.9.x before 2.9.1 does not consider the mod/forum:canposttomygroups capability before authorizing "Post a copy to all groups" actions, which allows remote authenticated users to bypass intended access restrictions by leveraging per-group… |
| CVE-2017-12157 | | Med | 0.21 | 4.3 | 0.01 | | Sep 18, 2017 | In Moodle 3.x, various course reports allow teachers to view details about users in the groups they can't access. |
| CVE-2017-7531 | | Med | 0.21 | 4.3 | 0.01 | | Jul 17, 2017 | In Moodle 3.3, the course overview block reveals activities in hidden courses. |
| CVE-2016-3733 | | Med | 0.21 | 4.3 | 0.01 | | Apr 20, 2017 | The "restore teacher" feature in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to overwrite the course idnumber. |
| CVE-2016-2159 | | Med | 0.21 | 4.3 | 0.01 | | May 22, 2016 | The save_submission function in mod/assign/externallib.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 allows remote authenticated users to bypass intended due-date restrictions by leveraging the student role for… |
| CVE-2016-2158 | | Med | 0.21 | 4.3 | 0.02 | | May 22, 2016 | lib/ajax/getnavbranch.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3, when the forcelogin feature is enabled, allows remote attackers to obtain sensitive category-detail information from the navigation branch by… |
| CVE-2016-2156 | | Med | 0.21 | 4.3 | 0.02 | | May 22, 2016 | calendar/externallib.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 provides calendar-event data without considering whether an activity is hidden, which allows remote authenticated users to obtain sensitive… |
| CVE-2016-2155 | | Med | 0.21 | 4.3 | 0.02 | | May 22, 2016 | The grade-reporting feature in Singleview (aka Single View) in Moodle 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 does not consider the moodle/grade:manage capability, which allows remote authenticated users to modify "Exclude grade" settings by leveraging… |
| CVE-2016-2154 | | Med | 0.21 | 4.3 | 0.02 | | May 22, 2016 | admin/tool/monitor/lib.php in Event Monitor in Moodle 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 does not consider the moodle/course:viewhiddencourses capability, which allows remote authenticated users to discover hidden course names by subscribing to a… |
| CVE-2016-2151 | | Med | 0.21 | 4.3 | 0.02 | | May 22, 2016 | user/index.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 grants excessive authorization on the basis of the moodle/course:viewhiddenuserfields capability, which allows remote authenticated users to discover… |
| CVE-2016-0724 | | Med | 0.21 | 4.3 | 0.02 | | Feb 22, 2016 | The (1) core_enrol_get_course_enrolment_methods and (2) enrol_self_get_instance_info web services in Moodle through 2.6.11, 2.7.x before 2.7.12, 2.8.x before 2.8.10, 2.9.x before 2.9.4, and 3.0.x before 3.0.2 do not consider the moodle/course:viewhiddencourses capability, which… |
| CVE-2015-5342 | | Med | 0.21 | 4.3 | 0.01 | | Feb 22, 2016 | The choice module in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 allows remote authenticated users to bypass intended access restrictions by visiting a URL to add or delete responses in the closed state. |
| CVE-2015-5341 | | Med | 0.21 | 4.3 | 0.01 | | Feb 22, 2016 | mod_scorm in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 mishandles availability dates, which allows remote authenticated users to bypass intended access restrictions and read SCORM contents via unspecified vectors. |
| CVE-2015-5340 | | Med | 0.21 | 4.3 | 0.01 | | Feb 22, 2016 | Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 does not consider the moodle/badges:viewbadges capability, which allows remote authenticated users to obtain sensitive badge information via a request involving (1) badges/overview.php or (2)… |
| CVE-2015-5339 | | Med | 0.21 | 4.3 | 0.01 | | Feb 22, 2016 | The core_enrol_get_enrolled_users web service in enrol/externallib.php in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 does not properly implement group-based access restrictions, which allows remote authenticated users to obtain… |
| CVE-2015-5335 | | Med | 0.21 | 4.3 | 0.01 | | Feb 22, 2016 | Cross-site request forgery (CSRF) vulnerability in admin/registration/register.php in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 allows remote attackers to hijack the authentication of administrators for requests that send statistics… |
| CVE-2015-5331 | | Med | 0.21 | 4.3 | 0.01 | | Feb 22, 2016 | Moodle 2.9.x before 2.9.3 does not properly check the contact list before authorizing message transmission, which allows remote authenticated users to bypass intended access restrictions and conduct spam attacks via the messaging API. |
| CVE-2015-5268 | | Med | 0.21 | 4.3 | 0.02 | | Feb 22, 2016 | The rating component in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 mishandles group-based authorization checks, which allows remote authenticated users to obtain sensitive information by reading a rating value. |
| CVE-2015-5265 | | Med | 0.21 | 4.3 | 0.01 | | Feb 22, 2016 | The wiki component in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 does not consider the mod/wiki:managefiles capability before authorizing file management, which allows remote authenticated users to delete arbitrary files by using a… |
| CVE-2024-43425 | | | 0.10 | — | 0.83 | | Nov 7, 2024 | A flaw was found in Moodle. Additional restrictions are required to avoid a remote code execution risk in calculated question types. Note: This requires the capability to add/update questions. |
| CVE-2013-3630 | | | 0.06 | — | 0.43 | | Nov 1, 2013 | Moodle through 2.5.2 allows remote authenticated administrators to execute arbitrary programs by configuring the aspell pathname and then triggering a spell-check operation within the TinyMCE editor. |
| CVE-2022-35650 | | | 0.04 | — | 0.49 | | Jul 25, 2022 | The vulnerability was found in Moodle and occurs due to an input validation error when importing lesson questions. These insufficient path checks result in an arbitrary file read risk. This vulnerability allows a remote attacker to perform directory traversal attacks. The capability to… |
| CVE-2019-3810 | | | 0.04 | — | 0.14 | | Mar 25, 2019 | A flaw was found in Moodle versions 3.6 to 3.6.1, 3.5 to 3.5.3, 3.4 to 3.4.6, 3.1 to 3.1.15 and earlier unsupported versions. The /userpix/ page did not escape users' full names, which are included as text when hovering over profile images. Note this page is not linked to by… |
| CVE-2006-0147 | | | 0.04 | — | 0.13 | | Jan 9, 2006 | Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (8) Simplog, allows remote… |
| CVE-2006-0146 | | | 0.04 | — | 0.13 | | Jan 9, 2006 | The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to… |
| CVE-2009-1171 | | | 0.03 | — | 0.06 | | Mar 30, 2009 | The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted attackers to read arbitrary files via an input command in a "$$" sequence, which causes LaTeX to include the contents of the file. |
| CVE-2007-6538 | | | 0.03 | — | 0.04 | | Dec 27, 2007 | SQL injection vulnerability in ing/blocks/mrbs/code/web/view_entry.php in the MRBS plugin for Moodle allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| CVE-2007-1647 | | | 0.03 | — | 0.03 | | Mar 24, 2007 | Moodle 1.5.2 and earlier stores sensitive information under the web root with insufficient access control, and provides directory listings, which allows remote attackers to obtain user names, password hashes, and other sensitive information via a direct request for session… |
| CVE-2006-5219 | | | 0.03 | — | 0.02 | | Oct 10, 2006 | SQL injection vulnerability in blog/index.php in the blog module in Moodle 1.6.2 allows remote attackers to execute arbitrary SQL commands via a double-encoded tag parameter. |
| CVE-2006-3951 | | | 0.03 | — | 0.03 | | Aug 1, 2006 | PHP remote file inclusion vulnerability in moodle.php in Mam-moodle alpha component (com_moodle) for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. |
| CVE-2004-1978 | | | 0.03 | — | 0.02 | | Apr 30, 2004 | Cross-site scripting (XSS) vulnerability in help.php in Moodle before 1.3 allows remote attackers to inject arbitrary HTML and web script via the text parameter. |
| CVE-2021-36393 | | | 0.02 | — | 0.52 | | Mar 6, 2023 | In Moodle, an SQL injection risk was identified in the library fetching a user's recent courses. |
| CVE-2025-34031 | | | 0.01 | — | 0.03 | | Jun 24, 2025 | A path traversal vulnerability exists in the Moodle LMS Jmol plugin version 6.1 and prior via the query parameter in jsmol.php. The script directly passes user input to the file_get_contents() function without proper validation, allowing attackers to read arbitrary files from… |
| CVE-2021-36394 | | | 0.01 | — | 0.07 | | Mar 6, 2023 | In Moodle, a remote code execution risk was identified in the Shibboleth authentication plugin. |
| CVE-2022-35649 | | | 0.01 | — | 0.06 | | Jul 25, 2022 | The vulnerability was found in Moodle and occurs due to improper input validation when parsing PostScript code. An omitted execution parameter results in a remote code execution risk for sites running GhostScript versions older than 9.50. Successful exploitation of this… |
| CVE-2008-1502 | | | 0.01 | — | 0.10 | | Mar 25, 2008 | The _bad_protocol_once function in phpgwapi/inc/class.kses.inc.php in KSES, as used in eGroupWare before 1.4.003, Moodle before 1.8.5, and other products, allows remote attackers to bypass HTML filtering and conduct cross-site scripting (XSS) attacks via a string containing… |
| CVE-2026-26046 | | | 0.00 | — | 0.02 | | Feb 21, 2026 | A vulnerability was found in a Moodle TeX filter administrative setting where insufficient sanitization of configuration input could allow command injection. On sites where the TeX filter is enabled and ImageMagick is installed, a maliciously crafted setting value entered by an… |
| CVE-2025-67857 | | | 0.00 | — | 0.00 | | Feb 3, 2026 | A flaw was found in Moodle. During anonymous assignment submissions, user identifiers were inadvertently exposed in URLs. This data exposure allows unauthorized viewers to see internal user IDs, compromising the intended anonymity and potentially leading to information… |
| CVE-2025-67856 | | | 0.00 | — | 0.00 | | Feb 3, 2026 | A flaw was found in Moodle. An authorization logic flaw, specifically due to incomplete role checks during the badge awarding process, allowed badges to be granted without proper verification. This could enable unauthorized users to obtain badges they are not entitled to,… |
| CVE-2025-67855 | | | 0.00 | — | 0.00 | | Feb 3, 2026 | A flaw was found in Moodle. A remote attacker could exploit a reflected Cross-Site Scripting (XSS) vulnerability in the policy tool return URL. This vulnerability arises from insufficient sanitization of URL parameters, allowing attackers to inject malicious scripts through… |
| CVE-2025-67853 | | | 0.00 | — | 0.00 | | Feb 3, 2026 | A flaw was found in Moodle. A remote attacker could exploit a lack of proper rate limiting in the confirmation email service. This vulnerability allows attackers to more easily enumerate or guess user credentials, facilitating brute-force attacks against user accounts. |
| CVE-2025-67852 | | | 0.00 | — | 0.00 | | Feb 3, 2026 | A flaw was found in Moodle. An open redirect vulnerability in the OAuth login flow allows a remote attacker to redirect users to attacker-controlled pages after they have successfully authenticated. This occurs due to insufficient validation of redirect parameters, which could… |
| CVE-2025-67851 | | | 0.00 | — | 0.00 | | Feb 3, 2026 | A flaw was found in Moodle. This formula injection vulnerability occurs when data fields are exported without proper escaping. A remote attacker could exploit this by providing malicious data that, when exported and opened in a spreadsheet, allows arbitrary formulas to execute.… |
| CVE-2025-67850 | | | 0.00 | — | 0.00 | | Feb 3, 2026 | A flaw was found in Moodle. This vulnerability, known as Cross-Site Scripting (XSS), occurs due to insufficient checks on user-provided data in the formula editor's arithmetic expression fields. A remote attacker could inject malicious code into these fields. When other users… |
| CVE-2025-67849 | | | 0.00 | — | 0.00 | | Feb 3, 2026 | A flaw was found in Moodle. This cross-site scripting (XSS) vulnerability, caused by improper sanitization of AI prompt responses, allows attackers to inject malicious HTML or script into web pages. When other users view these compromised pages, their sessions could be stolen,… |
| CVE-2025-67848 | | | 0.00 | — | 0.00 | | Feb 3, 2026 | A flaw was found in Moodle. This authentication bypass vulnerability allows suspended users to authenticate through the Learning Tools Interoperability (LTI) Provider. The issue arises from the LTI authentication handlers failing to enforce the user's suspension status, enabling… |
| CVE-2025-67847 | | | 0.00 | — | 0.01 | | Jan 23, 2026 | A flaw was found in Moodle. An attacker with access to the restore interface could trigger server-side execution of arbitrary code. This is due to insufficient validation of restore input, which leads to unintended interpretation by core restore routines. Successful exploitation… |
| CVE-2021-47857 | | | 0.00 | — | 0.00 | | Jan 21, 2026 | Moodle 3.10.3 contains a persistent cross-site scripting vulnerability in the calendar event subtitle field that allows attackers to inject malicious scripts. Attackers can craft a calendar event with malicious JavaScript in the subtitle track label to execute arbitrary code… |
| CVE-2025-62401 | | | 0.00 | — | 0.00 | | Oct 23, 2025 | An issue in Moodle's timed assignment feature allowed students to bypass the time restriction, potentially giving them more time than allowed to complete an assessment. |
Page 2 of 12