Moodle Exposure

Category: LMS
Exposure score: 70
Sites using it: 13,690
Under active exploitation: 0
Critical: 7

CVEs

292 results
CVE-2021-43559: A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. The "delete related b [EPSS 0.6%]
CVE-2022-0335: A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The "delete badge ali [EPSS 0.6%]
CVE-2024-25983 (LOW): Msa-24-0006: idor on dashboard comments block [EPSS 0.6%]
CVE-2024-43426 (HIGH): Moodle: arbitrary file read risk through pdftex [EPSS 0.6%]
CVE-2024-25979 (MEDIUM): Msa-24-0002: forum search accepted random parameters in its url [EPSS 0.6%]
CVE-2021-36397 (MEDIUM): In Moodle, insufficient capability checks meant message deletions were not limited to the current user. [EPSS 0.6%]
CVE-2024-25981 (MEDIUM): Msa-24-0004: forum export did not respect activity group settings [EPSS 0.6%]
CVE-2020-14320: In Moodle before 3.9.1, 3.8.4 and 3.7.7, the filter in the admin task log required extra sanitizing to prevent a reflected XSS risk. [EPSS 0.6%]
CVE-2020-1692 (HIGH): Moodle before version 3.7.2 is vulnerable to information exposure of service tokens for users enrolled in the same course. [EPSS 0.6%]
CVE-2022-0333: A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The calendar:manageen [EPSS 0.6%]
CVE-2021-32475: ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk. Moodle 3.10 to 3.10.3, 3.9 to 3 [EPSS 0.6%]
CVE-2022-40208 (MEDIUM): In Moodle, insufficient limitations in some quiz web services made it possible for students to bypass sequential navigation during a quiz at [EPSS 0.6%]
CVE-2023-5549 (LOW): Moodle: insufficient capability checks when updating the parent of a course category [EPSS 0.6%]
CVE-2026-26045 (HIGH): Moodle: moodle: improper validation in file restore functionality leading to remote code execution [EPSS 0.6%]
CVE-2023-28334 (MEDIUM): Moodle: users' name enumeration possible via idor on learning plans page [EPSS 0.6%]
CVE-2024-33999 (CRITICAL): moodle: unsafe direct use of $_SERVER['HTTP_REFERER'] in admin/tool/mfa/index.php [EPSS 0.5%]
CVE-2020-1754 (MEDIUM): In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, users viewing the grade history report without the 'access all groups' capability were not [EPSS 0.5%]
CVE-2023-5545 (LOW): Moodle: auto-populated h5p author name causes a potential information leak [EPSS 0.5%]
CVE-2022-40316 (MEDIUM): The H5P activity attempts report did not filter by groups, which in separate groups mode could reveal information to non-editing teachers ab [EPSS 0.5%]
CVE-2024-25980 (MEDIUM): Msa-24-0003: h5p attempts report did not respect activity group settings [EPSS 0.5%]
