Exposición de Moodle
LMS70
score de exposición
13.690
sitios usan
0
en explotación
7
críticos
CVEs
292 resultadosCVE-2024-34002MEDIUMmoodle: authenticated LFI risk in some misconfigured shared hosting environments via modified mod_feedback backupEPSS 0.5%CVE-2024-34005MEDIUMmoodle: authenticated LFI risk in some misconfigured shared hosting environments via modified mod_data backupEPSS 0.5%CVE-2024-34004MEDIUMmoodle: authenticated LFI risk in some misconfigured shared hosting environments via modified mod_wiki backupEPSS 0.5%CVE-2024-43431HIGHMoodle: idor in badges allows deletion of arbitrary badgesEPSS 0.5%CVE-2024-38276HIGHmoodle: CSRF risks due to misuse of confirm_sesskeyEPSS 0.5%CVE-2024-38275HIGHmoodle: HTTP authorization header is preserved between "emulated redirects"EPSS 0.4%CVE-2025-26533HIGHSQL injection risk in course search module list filterEPSS 0.4%CVE-2026-26047MEDIUMMoodle: moodle: uncontrolled resource consumption in tex formula editor leading to denial of serviceEPSS 0.4%CVE-2023-5542LOWMoodle: students can view other users in "only see own membership" groupsEPSS 0.4%CVE-2024-38273MEDIUMmoodle: BigBlueButton web service leaks meeting joining information to users who should not have accessEPSS 0.4%CVE-2024-34009HIGHmoodle: ReCAPTCHA can be bypassed on the login pageEPSS 0.4%CVE-2025-67853HIGHMoodle: moodle: brute-force facilitation due to missing rate limiting in confirmation email serviceEPSS 0.4%CVE-2023-28335HIGHMoodle: csrf risk in resetting all templates of a database activityEPSS 0.4%CVE-2025-26525HIGHArbitrary file read risk through pdfTeXEPSS 0.4%CVE-2022-39183MEDIUMMoodle Plugin - SAML Auth Open RedirectEPSS 0.4%CVE-2024-45691MEDIUMMoodle: lesson activity password bypass through php loose comparisonEPSS 0.4%CVE-2022-45149MEDIUMA vulnerability was found in Moodle which exists due to insufficient validation of the HTTP request origin in course redirect URL. A user's EPSS 0.4%CVE-2022-2986—Enabling and disabling installed H5P libraries did not include the necessary token to prevent a CSRF risk.EPSS 0.4%CVE-2025-62399HIGHMoodle: password brute force risk when mobile/web services enabledEPSS 0.4%CVE-2024-33997MEDIUMmoodle: stored XSS risk when editing another user's equation in equation editorEPSS 0.4%
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →