Exposição de Moodle
LMS70
score de exposição
13.690
sites usam
0
em exploração
7
críticos
CVEs
292 resultadosCVE-2024-48897MEDIUMMoodle: idor in edit/delete rss feedEPSS 0.3%CVE-2024-48901MEDIUMMoodle: idor when fetching report schedulesEPSS 0.3%CVE-2025-3636MEDIUMMoodle: idor in moodle rss block allows unauthorized access to rss feedsEPSS 0.3%CVE-2023-5551LOWMoodle: forum summary report shows students from other groups when in separate groups modeEPSS 0.3%CVE-2025-3643MEDIUMMoodle: reflected xss risk in policy toolEPSS 0.3%CVE-2025-26531LOWIDOR in badges allows disabling of arbitrary badgesEPSS 0.3%CVE-2025-62396MEDIUMMoodle: router (r.php) could expose application directoriesEPSS 0.3%CVE-2025-3644MEDIUMMoodle: ajax section delete does not respect course_can_delete_section()EPSS 0.3%CVE-2025-67856MEDIUMMoodle: moodle: privilege escalation via incomplete role checks in badge awardingEPSS 0.3%CVE-2025-3628MEDIUMMoodle: moodle assignment submission search leaks anonymous student identitiesEPSS 0.3%CVE-2025-3647MEDIUMMoodle: idor when accessing the cohorts reportEPSS 0.3%CVE-2025-26528LOWStored XSS in ddimageortext question typeEPSS 0.3%CVE-2025-32045MEDIUMMoodle: hidden grades shown to users without permission on some grade reportsEPSS 0.3%CVE-2025-53021MEDIUMA session fixation vulnerability in Moodle 3.x through 3.11.18 allows unauthenticated attackers to hijack user sessions via the sesskey paraEPSS 0.3%CVE-2025-3638HIGHMoodle: csrf risk in brickfield tool's analysis request actionEPSS 0.3%CVE-2025-62397MEDIUMMoodle: router produces json instead of 404 error for invalid course idEPSS 0.3%CVE-2025-67849HIGHMoodle: moodle: cross-site scripting (xss) via improper sanitization of ai prompt responsesEPSS 0.3%CVE-2025-67851MEDIUMMoodle: moodle: formula injection allows arbitrary formula execution via unescaped data exportEPSS 0.3%CVE-2025-62400MEDIUMMoodle: hidden group names visible to event creatorsEPSS 0.2%CVE-2025-67852LOWMoodle: moodle: open redirect vulnerability in oauth login flow allows redirection to malicious sites.EPSS 0.2%
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →