| 0 |
| url |
VCID-1uce-2wtr-8bfg |
| vulnerability_id |
VCID-1uce-2wtr-8bfg |
| summary |
Improper Input Validation
The moodle1 backup converter in backup/converter/moodle1/lib.php in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 does not properly validate pathnames, which allows remote authenticated users to read arbitrary files by leveraging the backup-restoration feature. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@2.4.1 |
| purl |
pkg:composer/moodle/moodle@2.4.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-37pj-u3gh-n7fd |
|
| 2 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 6 |
| vulnerability |
VCID-an53-nu91-k3d7 |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eaqp-7abt-6kg9 |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 12 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 13 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 14 |
| vulnerability |
VCID-k6pw-51st-b3d2 |
|
| 15 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 16 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 17 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 18 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 19 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 20 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 21 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-xmm4-zw49-3feh |
|
| 28 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 29 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 30 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 31 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.1 |
|
|
| aliases |
CVE-2012-6099, GHSA-cr78-rphw-w73p
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1uce-2wtr-8bfg |
|
| 1 |
| url |
VCID-2s6b-tp6p-gue1 |
| vulnerability_id |
VCID-2s6b-tp6p-gue1 |
| summary |
Cross-Site Request Forgery (CSRF)
A sesskey (CSRF) token was not being utilised by the XML loading/unloading admin tool. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.5.7 |
| purl |
pkg:composer/moodle/moodle@3.5.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 1 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 2 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 3 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-bbj9-hpz3-xqhh |
|
| 6 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 7 |
| vulnerability |
VCID-dpd2-1sqc-qqfy |
|
| 8 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 9 |
| vulnerability |
VCID-gnez-ehgq-rfbr |
|
| 10 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 13 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 14 |
| vulnerability |
VCID-mhm4-8kuk-t7b6 |
|
| 15 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 16 |
| vulnerability |
VCID-mqde-66zm-qbbj |
|
| 17 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 18 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 19 |
| vulnerability |
VCID-pgfa-bkaw-q7cq |
|
| 20 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 21 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 22 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.7 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@3.7.1 |
| purl |
pkg:composer/moodle/moodle@3.7.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 1 |
| vulnerability |
VCID-3uvf-6ztd-xkaf |
|
| 2 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 3 |
| vulnerability |
VCID-494p-pmxw-b7e2 |
|
| 4 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 5 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 6 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 7 |
| vulnerability |
VCID-c14d-1sa2-rkf6 |
|
| 8 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 9 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 10 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 13 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 14 |
| vulnerability |
VCID-n5tc-1k33-dfeq |
|
| 15 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 16 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 17 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 18 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.1 |
|
|
| aliases |
CVE-2019-10186, GHSA-wv9c-pfpm-4wc5
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2s6b-tp6p-gue1 |
|
| 2 |
| url |
VCID-2vsp-tbwq-1qhf |
| vulnerability_id |
VCID-2vsp-tbwq-1qhf |
| summary |
Moodle does not enforce the forceloginforprofiles setting
user/view.php in Moodle through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 does not enforce the forceloginforprofiles setting, which allows remote attackers to obtain sensitive course-profile information by leveraging the guest role, as demonstrated by a Google search. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@2.4.2 |
| purl |
pkg:composer/moodle/moodle@2.4.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-37pj-u3gh-n7fd |
|
| 2 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 6 |
| vulnerability |
VCID-an53-nu91-k3d7 |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eaqp-7abt-6kg9 |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 12 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 13 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 14 |
| vulnerability |
VCID-k6pw-51st-b3d2 |
|
| 15 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 16 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 17 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 18 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 19 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 20 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 21 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-xmm4-zw49-3feh |
|
| 28 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 29 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 30 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 31 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.2 |
|
|
| aliases |
CVE-2013-1830, GHSA-8r7x-qq55-74v2
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2vsp-tbwq-1qhf |
|
| 3 |
| url |
VCID-37pj-u3gh-n7fd |
| vulnerability_id |
VCID-37pj-u3gh-n7fd |
| summary |
Insertion of Sensitive Information into Log File
Moodle does not properly restrict links, which allows remote attackers to obtain sensitive URL information by reading a Referer log. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@2.7.0-beta |
| purl |
pkg:composer/moodle/moodle@2.7.0-beta |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 2 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 3 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 4 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 5 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 6 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 7 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 8 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 9 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 10 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 11 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 12 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 13 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 14 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 15 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 16 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 17 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 18 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 19 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 20 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 21 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 22 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 23 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 24 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 25 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 26 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.0-beta |
|
| 1 |
| url |
pkg:composer/moodle/moodle@2.7.13 |
| purl |
pkg:composer/moodle/moodle@2.7.13 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2dxb-v1af-jbax |
|
| 1 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 2 |
| vulnerability |
VCID-4kq5-ctsv-eka8 |
|
| 3 |
| vulnerability |
VCID-5rbf-4dz3-2qdz |
|
| 4 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 5 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 6 |
| vulnerability |
VCID-8cc1-hbzm-87bx |
|
| 7 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 8 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 9 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 10 |
| vulnerability |
VCID-dhku-uah4-ykh8 |
|
| 11 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 12 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 13 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 14 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 15 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 16 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 17 |
| vulnerability |
VCID-kgvw-uxf4-wbc1 |
|
| 18 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 19 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 20 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 21 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 22 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 23 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 24 |
| vulnerability |
VCID-s3ue-e5h8-f3dy |
|
| 25 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 26 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 27 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 28 |
| vulnerability |
VCID-vtq4-fpr8-hudb |
|
| 29 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 30 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 31 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 32 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 33 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 34 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.13 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@2.8.11 |
| purl |
pkg:composer/moodle/moodle@2.8.11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-4kq5-ctsv-eka8 |
|
| 2 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-8cc1-hbzm-87bx |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 10 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 13 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 14 |
| vulnerability |
VCID-kgvw-uxf4-wbc1 |
|
| 15 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 16 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 17 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 18 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 19 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 20 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 21 |
| vulnerability |
VCID-s3ue-e5h8-f3dy |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 28 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 29 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 30 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.11 |
|
| 3 |
| url |
pkg:composer/moodle/moodle@2.9.5 |
| purl |
pkg:composer/moodle/moodle@2.9.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-4kq5-ctsv-eka8 |
|
| 2 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-8cc1-hbzm-87bx |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 10 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 13 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 14 |
| vulnerability |
VCID-kgvw-uxf4-wbc1 |
|
| 15 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 16 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 17 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 18 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 19 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 20 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 21 |
| vulnerability |
VCID-s3ue-e5h8-f3dy |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 28 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 29 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 30 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.5 |
|
| 4 |
| url |
pkg:composer/moodle/moodle@3.0.3 |
| purl |
pkg:composer/moodle/moodle@3.0.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2dxb-v1af-jbax |
|
| 1 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 2 |
| vulnerability |
VCID-4kq5-ctsv-eka8 |
|
| 3 |
| vulnerability |
VCID-5rbf-4dz3-2qdz |
|
| 4 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 5 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 6 |
| vulnerability |
VCID-8cc1-hbzm-87bx |
|
| 7 |
| vulnerability |
VCID-9nd7-4wve-97hc |
|
| 8 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 9 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 10 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 11 |
| vulnerability |
VCID-dhku-uah4-ykh8 |
|
| 12 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 13 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 14 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 15 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 16 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 17 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 18 |
| vulnerability |
VCID-kgvw-uxf4-wbc1 |
|
| 19 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 20 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 21 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 22 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 23 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 24 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 25 |
| vulnerability |
VCID-s3ue-e5h8-f3dy |
|
| 26 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 27 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 28 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 29 |
| vulnerability |
VCID-vtq4-fpr8-hudb |
|
| 30 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 31 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 32 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 33 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 34 |
| vulnerability |
VCID-zgzm-wj81-jkah |
|
| 35 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 36 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.3 |
|
|
| aliases |
CVE-2016-2190, GHSA-r9pc-g29w-f86j
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-37pj-u3gh-n7fd |
|
| 4 |
| url |
VCID-41up-e414-hyba |
| vulnerability_id |
VCID-41up-e414-hyba |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the File Picker module in Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allow remote authenticated users to inject arbitrary web script or HTML via a crafted filename. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@2.4.2 |
| purl |
pkg:composer/moodle/moodle@2.4.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-37pj-u3gh-n7fd |
|
| 2 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 6 |
| vulnerability |
VCID-an53-nu91-k3d7 |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eaqp-7abt-6kg9 |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 12 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 13 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 14 |
| vulnerability |
VCID-k6pw-51st-b3d2 |
|
| 15 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 16 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 17 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 18 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 19 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 20 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 21 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-xmm4-zw49-3feh |
|
| 28 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 29 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 30 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 31 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.2 |
|
|
| aliases |
CVE-2013-1833, GHSA-89f3-74m6-g27g
|
| risk_score |
1.4 |
| exploitability |
0.5 |
| weighted_severity |
2.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-41up-e414-hyba |
|
| 5 |
| url |
VCID-65y9-9ur2-pugc |
| vulnerability_id |
VCID-65y9-9ur2-pugc |
| summary |
Improper Input Validation
There is incorrect sanitization of attributes in forums. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@2.7.18 |
| purl |
pkg:composer/moodle/moodle@2.7.18 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2dxb-v1af-jbax |
|
| 1 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 2 |
| vulnerability |
VCID-5rbf-4dz3-2qdz |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 6 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 7 |
| vulnerability |
VCID-dhku-uah4-ykh8 |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 10 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 11 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 12 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 13 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 14 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 15 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 16 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 17 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 18 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 19 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 20 |
| vulnerability |
VCID-vtq4-fpr8-hudb |
|
| 21 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 22 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 23 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 24 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 25 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 26 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.18 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@2.9.0-beta |
| purl |
pkg:composer/moodle/moodle@2.9.0-beta |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 2 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 3 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 4 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 5 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 6 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 7 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 8 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 9 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 10 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 11 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 12 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 13 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 14 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 15 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 16 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 17 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 18 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 19 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 20 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 21 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 22 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 23 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.0-beta |
|
| 2 |
| url |
pkg:composer/moodle/moodle@3.0.0-beta |
| purl |
pkg:composer/moodle/moodle@3.0.0-beta |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 2 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 3 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 4 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 5 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 6 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 7 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 8 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 9 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 10 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 11 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 12 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 13 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 14 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 15 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 16 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 17 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 18 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 19 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 20 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 21 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 22 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 23 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.0-beta |
|
| 3 |
| url |
pkg:composer/moodle/moodle@3.0.8 |
| purl |
pkg:composer/moodle/moodle@3.0.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2dxb-v1af-jbax |
|
| 1 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 2 |
| vulnerability |
VCID-5rbf-4dz3-2qdz |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-9nd7-4wve-97hc |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-dhku-uah4-ykh8 |
|
| 9 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 13 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 14 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 15 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 16 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 17 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 18 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 19 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 20 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 21 |
| vulnerability |
VCID-vtq4-fpr8-hudb |
|
| 22 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 23 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 24 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 25 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 26 |
| vulnerability |
VCID-zgzm-wj81-jkah |
|
| 27 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 28 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.8 |
|
| 4 |
| url |
pkg:composer/moodle/moodle@3.1.4 |
| purl |
pkg:composer/moodle/moodle@3.1.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2dxb-v1af-jbax |
|
| 1 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 2 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 3 |
| vulnerability |
VCID-4rz2-b4e3-87g5 |
|
| 4 |
| vulnerability |
VCID-5rbf-4dz3-2qdz |
|
| 5 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 6 |
| vulnerability |
VCID-8mgr-gdzj-4ybs |
|
| 7 |
| vulnerability |
VCID-9nd7-4wve-97hc |
|
| 8 |
| vulnerability |
VCID-9t4u-n1pn-w3bd |
|
| 9 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 10 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 11 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 12 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 13 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 14 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 15 |
| vulnerability |
VCID-dhku-uah4-ykh8 |
|
| 16 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 17 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 18 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 19 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 20 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 21 |
| vulnerability |
VCID-jn5n-6hg9-tyf7 |
|
| 22 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 23 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 24 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 25 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 26 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 27 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 28 |
| vulnerability |
VCID-q2fa-jymp-c3bb |
|
| 29 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 30 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 31 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 32 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 33 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 34 |
| vulnerability |
VCID-vtq4-fpr8-hudb |
|
| 35 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 36 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 37 |
| vulnerability |
VCID-x927-nh46-7fdy |
|
| 38 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 39 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 40 |
| vulnerability |
VCID-yp82-zj5g-pbaf |
|
| 41 |
| vulnerability |
VCID-zgzm-wj81-jkah |
|
| 42 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 43 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.4 |
|
| 5 |
| url |
pkg:composer/moodle/moodle@3.2.1 |
| purl |
pkg:composer/moodle/moodle@3.2.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2dxb-v1af-jbax |
|
| 1 |
| vulnerability |
VCID-2qjr-wjh1-8fh6 |
|
| 2 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 3 |
| vulnerability |
VCID-5rbf-4dz3-2qdz |
|
| 4 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 5 |
| vulnerability |
VCID-9nd7-4wve-97hc |
|
| 6 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 7 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 8 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 9 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 10 |
| vulnerability |
VCID-dhku-uah4-ykh8 |
|
| 11 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 12 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 13 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 14 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 15 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 16 |
| vulnerability |
VCID-jn5n-6hg9-tyf7 |
|
| 17 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 18 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 19 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 20 |
| vulnerability |
VCID-nc2j-pay7-ryab |
|
| 21 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 22 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 23 |
| vulnerability |
VCID-q2fa-jymp-c3bb |
|
| 24 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 25 |
| vulnerability |
VCID-vtq4-fpr8-hudb |
|
| 26 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 27 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 28 |
| vulnerability |
VCID-x927-nh46-7fdy |
|
| 29 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 30 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 31 |
| vulnerability |
VCID-yp82-zj5g-pbaf |
|
| 32 |
| vulnerability |
VCID-zgzm-wj81-jkah |
|
| 33 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 34 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.1 |
|
|
| aliases |
CVE-2017-2576, GHSA-cjrf-xg77-chpw
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-65y9-9ur2-pugc |
|
| 6 |
| url |
VCID-83kb-4mk9-t7ge |
| vulnerability_id |
VCID-83kb-4mk9-t7ge |
| summary |
Information Exposure
Students can find out email addresses of other students in the same course. Using search on the Participants page, students could search email addresses of all participants regardless of email visibility. This allows enumerating and guessing emails of other students. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.1.0-beta |
| purl |
pkg:composer/moodle/moodle@3.1.0-beta |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 3 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 4 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 5 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 6 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 7 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 8 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 9 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 10 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 11 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 12 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 13 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 14 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 15 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 16 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 17 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 18 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.0-beta |
|
| 1 |
| url |
pkg:composer/moodle/moodle@3.1.9 |
| purl |
pkg:composer/moodle/moodle@3.1.9 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-4rz2-b4e3-87g5 |
|
| 3 |
| vulnerability |
VCID-8mgr-gdzj-4ybs |
|
| 4 |
| vulnerability |
VCID-9t4u-n1pn-w3bd |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 7 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 8 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 9 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 10 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 11 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 12 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 13 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 14 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 15 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 16 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 17 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 18 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 19 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 20 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 21 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 22 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 23 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 24 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 25 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 26 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 27 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 28 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 29 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 30 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 31 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 32 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.9 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@3.2.6 |
| purl |
pkg:composer/moodle/moodle@3.2.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 3 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 4 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 5 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 6 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 7 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 8 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 9 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 10 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 11 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 12 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 13 |
| vulnerability |
VCID-nc2j-pay7-ryab |
|
| 14 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 15 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 16 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 17 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 18 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 19 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 20 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 21 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 22 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.6 |
|
| 3 |
| url |
pkg:composer/moodle/moodle@3.3.3 |
| purl |
pkg:composer/moodle/moodle@3.3.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-4rz2-b4e3-87g5 |
|
| 2 |
| vulnerability |
VCID-8mgr-gdzj-4ybs |
|
| 3 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 4 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 5 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 6 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 7 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 10 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 11 |
| vulnerability |
VCID-fygy-9njn-abgd |
|
| 12 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 13 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 14 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 15 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 16 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 17 |
| vulnerability |
VCID-mmg3-7fz9-5uak |
|
| 18 |
| vulnerability |
VCID-nc2j-pay7-ryab |
|
| 19 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 20 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 21 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 22 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 23 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 24 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 25 |
| vulnerability |
VCID-x9vd-njdz-jua9 |
|
| 26 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 27 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 28 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 29 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.3 |
|
|
| aliases |
CVE-2017-15110, GHSA-rjh8-w8jg-xwq5
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-83kb-4mk9-t7ge |
|
| 7 |
| url |
VCID-9kbu-4u3w-jufu |
| vulnerability_id |
VCID-9kbu-4u3w-jufu |
| summary |
Moodle does not enforce capability requirements for reading blog comments
Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not enforce capability requirements for reading blog comments, which allows remote attackers to obtain sensitive information via a crafted request. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@2.4.4 |
| purl |
pkg:composer/moodle/moodle@2.4.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-37pj-u3gh-n7fd |
|
| 2 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 6 |
| vulnerability |
VCID-an53-nu91-k3d7 |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eaqp-7abt-6kg9 |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 12 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 13 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 14 |
| vulnerability |
VCID-k6pw-51st-b3d2 |
|
| 15 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 16 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 17 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 18 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 19 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 20 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 21 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-xmm4-zw49-3feh |
|
| 28 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 29 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 30 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 31 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.4 |
|
|
| aliases |
CVE-2013-2082, GHSA-wp3g-pr4h-q6vv
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9kbu-4u3w-jufu |
|
| 8 |
| url |
VCID-a6pb-47tu-afcg |
| vulnerability_id |
VCID-a6pb-47tu-afcg |
| summary |
Information Exposure
Moodle is vulnerable to information exposure of service tokens for users enrolled in the same course. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.7.2 |
| purl |
pkg:composer/moodle/moodle@3.7.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 1 |
| vulnerability |
VCID-3uvf-6ztd-xkaf |
|
| 2 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 3 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 4 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 5 |
| vulnerability |
VCID-c14d-1sa2-rkf6 |
|
| 6 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 7 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 8 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 9 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 10 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 11 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 12 |
| vulnerability |
VCID-n5tc-1k33-dfeq |
|
| 13 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 14 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 15 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 16 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.2 |
|
|
| aliases |
CVE-2020-1692, GHSA-9328-7pcw-vw69
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-a6pb-47tu-afcg |
|
| 9 |
| url |
VCID-ajkr-fxa1-mkhk |
| vulnerability_id |
VCID-ajkr-fxa1-mkhk |
| summary |
Cross-site Scripting
Moodle is vulnerable to XSS via a calendar event name. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.1.10 |
| purl |
pkg:composer/moodle/moodle@3.1.10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-4rz2-b4e3-87g5 |
|
| 3 |
| vulnerability |
VCID-8mgr-gdzj-4ybs |
|
| 4 |
| vulnerability |
VCID-9t4u-n1pn-w3bd |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 9 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 12 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 13 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 14 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 15 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 16 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 17 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 18 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 19 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 20 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 21 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 22 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 23 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 28 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 29 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.10 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@3.2.7 |
| purl |
pkg:composer/moodle/moodle@3.2.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 3 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 4 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 5 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 6 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 7 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 8 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 9 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 10 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 11 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 12 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 13 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 14 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 15 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 16 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 17 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 18 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.7 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@3.3.4 |
| purl |
pkg:composer/moodle/moodle@3.3.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-4rz2-b4e3-87g5 |
|
| 2 |
| vulnerability |
VCID-8mgr-gdzj-4ybs |
|
| 3 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 4 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 5 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 6 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 7 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 8 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 9 |
| vulnerability |
VCID-fygy-9njn-abgd |
|
| 10 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 13 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 14 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 15 |
| vulnerability |
VCID-mmg3-7fz9-5uak |
|
| 16 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 17 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 18 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 19 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 20 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 21 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 22 |
| vulnerability |
VCID-x9vd-njdz-jua9 |
|
| 23 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 24 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 25 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.4 |
|
|
| aliases |
CVE-2018-1045, GHSA-595j-wpfg-23w4
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ajkr-fxa1-mkhk |
|
| 10 |
| url |
VCID-an53-nu91-k3d7 |
| vulnerability_id |
VCID-an53-nu91-k3d7 |
| summary |
Cross-site Scripting
Multiple cross-site scripting (XSS) vulnerabilities in `auth/db/auth.php` in Moodle allow remote attackers to inject arbitrary web script or HTML via an external DB profile field. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@2.7.0-beta |
| purl |
pkg:composer/moodle/moodle@2.7.0-beta |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 2 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 3 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 4 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 5 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 6 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 7 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 8 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 9 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 10 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 11 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 12 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 13 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 14 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 15 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 16 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 17 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 18 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 19 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 20 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 21 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 22 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 23 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 24 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 25 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 26 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.0-beta |
|
| 1 |
| url |
pkg:composer/moodle/moodle@2.7.13 |
| purl |
pkg:composer/moodle/moodle@2.7.13 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2dxb-v1af-jbax |
|
| 1 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 2 |
| vulnerability |
VCID-4kq5-ctsv-eka8 |
|
| 3 |
| vulnerability |
VCID-5rbf-4dz3-2qdz |
|
| 4 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 5 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 6 |
| vulnerability |
VCID-8cc1-hbzm-87bx |
|
| 7 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 8 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 9 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 10 |
| vulnerability |
VCID-dhku-uah4-ykh8 |
|
| 11 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 12 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 13 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 14 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 15 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 16 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 17 |
| vulnerability |
VCID-kgvw-uxf4-wbc1 |
|
| 18 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 19 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 20 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 21 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 22 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 23 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 24 |
| vulnerability |
VCID-s3ue-e5h8-f3dy |
|
| 25 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 26 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 27 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 28 |
| vulnerability |
VCID-vtq4-fpr8-hudb |
|
| 29 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 30 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 31 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 32 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 33 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 34 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.13 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@2.8.11 |
| purl |
pkg:composer/moodle/moodle@2.8.11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-4kq5-ctsv-eka8 |
|
| 2 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-8cc1-hbzm-87bx |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 10 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 13 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 14 |
| vulnerability |
VCID-kgvw-uxf4-wbc1 |
|
| 15 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 16 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 17 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 18 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 19 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 20 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 21 |
| vulnerability |
VCID-s3ue-e5h8-f3dy |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 28 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 29 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 30 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.11 |
|
| 3 |
| url |
pkg:composer/moodle/moodle@2.9.5 |
| purl |
pkg:composer/moodle/moodle@2.9.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-4kq5-ctsv-eka8 |
|
| 2 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-8cc1-hbzm-87bx |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 10 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 13 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 14 |
| vulnerability |
VCID-kgvw-uxf4-wbc1 |
|
| 15 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 16 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 17 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 18 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 19 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 20 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 21 |
| vulnerability |
VCID-s3ue-e5h8-f3dy |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 28 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 29 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 30 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.5 |
|
| 4 |
| url |
pkg:composer/moodle/moodle@3.0.3 |
| purl |
pkg:composer/moodle/moodle@3.0.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2dxb-v1af-jbax |
|
| 1 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 2 |
| vulnerability |
VCID-4kq5-ctsv-eka8 |
|
| 3 |
| vulnerability |
VCID-5rbf-4dz3-2qdz |
|
| 4 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 5 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 6 |
| vulnerability |
VCID-8cc1-hbzm-87bx |
|
| 7 |
| vulnerability |
VCID-9nd7-4wve-97hc |
|
| 8 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 9 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 10 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 11 |
| vulnerability |
VCID-dhku-uah4-ykh8 |
|
| 12 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 13 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 14 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 15 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 16 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 17 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 18 |
| vulnerability |
VCID-kgvw-uxf4-wbc1 |
|
| 19 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 20 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 21 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 22 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 23 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 24 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 25 |
| vulnerability |
VCID-s3ue-e5h8-f3dy |
|
| 26 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 27 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 28 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 29 |
| vulnerability |
VCID-vtq4-fpr8-hudb |
|
| 30 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 31 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 32 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 33 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 34 |
| vulnerability |
VCID-zgzm-wj81-jkah |
|
| 35 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 36 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.3 |
|
|
| aliases |
CVE-2016-2152, GHSA-6mxm-wpqv-675h
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-an53-nu91-k3d7 |
|
| 11 |
| url |
VCID-b2tv-8q9g-qqfz |
| vulnerability_id |
VCID-b2tv-8q9g-qqfz |
| summary |
Improper Input Validation
The MoodleQuickForm class in lib/formslib.php in Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not properly handle a certain array-element syntax, which allows remote attackers to bypass intended form-data filtering via a crafted request. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@2.4.4 |
| purl |
pkg:composer/moodle/moodle@2.4.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-37pj-u3gh-n7fd |
|
| 2 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 6 |
| vulnerability |
VCID-an53-nu91-k3d7 |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eaqp-7abt-6kg9 |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 12 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 13 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 14 |
| vulnerability |
VCID-k6pw-51st-b3d2 |
|
| 15 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 16 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 17 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 18 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 19 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 20 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 21 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-xmm4-zw49-3feh |
|
| 28 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 29 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 30 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 31 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.4 |
|
|
| aliases |
CVE-2013-2083, GHSA-m63h-q4x3-6hwj
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b2tv-8q9g-qqfz |
|
| 12 |
| url |
VCID-bgaz-b5zd-e7aj |
| vulnerability_id |
VCID-bgaz-b5zd-e7aj |
| summary |
Moodle does not consider "don't send" attributes during hub registration
Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not consider "don't send" attributes during hub registration, which allows remote hubs to obtain sensitive site information by reading form data. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@2.4.4 |
| purl |
pkg:composer/moodle/moodle@2.4.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-37pj-u3gh-n7fd |
|
| 2 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 6 |
| vulnerability |
VCID-an53-nu91-k3d7 |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eaqp-7abt-6kg9 |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 12 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 13 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 14 |
| vulnerability |
VCID-k6pw-51st-b3d2 |
|
| 15 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 16 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 17 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 18 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 19 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 20 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 21 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-xmm4-zw49-3feh |
|
| 28 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 29 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 30 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 31 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.4 |
|
|
| aliases |
CVE-2013-2081, GHSA-x3x8-fjw6-hccx
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bgaz-b5zd-e7aj |
|
| 13 |
| url |
VCID-bjnq-q2nd-1khp |
| vulnerability_id |
VCID-bjnq-q2nd-1khp |
| summary |
Cross-Site Request Forgery (CSRF)
The login form is not protected by a token to prevent login cross-site request forgery. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.1.0-beta |
| purl |
pkg:composer/moodle/moodle@3.1.0-beta |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 3 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 4 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 5 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 6 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 7 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 8 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 9 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 10 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 11 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 12 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 13 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 14 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 15 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 16 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 17 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 18 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.0-beta |
|
| 1 |
| url |
pkg:composer/moodle/moodle@3.1.15 |
| purl |
pkg:composer/moodle/moodle@3.1.15 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-9t4u-n1pn-w3bd |
|
| 3 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 4 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 5 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 6 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 7 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 8 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 9 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 10 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 11 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 12 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 13 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 14 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 15 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 16 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 17 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 18 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 19 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.15 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/moodle/moodle@3.4.6 |
| purl |
pkg:composer/moodle/moodle@3.4.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 3 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 4 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 5 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 6 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 7 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 8 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 9 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 10 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 11 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 12 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 13 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 14 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 15 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 16 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 17 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 18 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.6 |
|
| 4 |
| url |
pkg:composer/moodle/moodle@3.5.3 |
| purl |
pkg:composer/moodle/moodle@3.5.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 3 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 4 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 5 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 6 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 7 |
| vulnerability |
VCID-akv3-zfp8-kkc7 |
|
| 8 |
| vulnerability |
VCID-bbj9-hpz3-xqhh |
|
| 9 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 10 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 11 |
| vulnerability |
VCID-dpd2-1sqc-qqfy |
|
| 12 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 13 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 14 |
| vulnerability |
VCID-gnez-ehgq-rfbr |
|
| 15 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 16 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 17 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 18 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 19 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 20 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 21 |
| vulnerability |
VCID-mhm4-8kuk-t7b6 |
|
| 22 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 23 |
| vulnerability |
VCID-mqde-66zm-qbbj |
|
| 24 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 25 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 26 |
| vulnerability |
VCID-pgfa-bkaw-q7cq |
|
| 27 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 28 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 29 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 30 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 31 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 32 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 33 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 34 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 35 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 36 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.3 |
|
|
| aliases |
CVE-2018-16854, GHSA-xj5f-qv37-r9jc
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bjnq-q2nd-1khp |
|
| 14 |
| url |
VCID-duna-st9c-mqbk |
| vulnerability_id |
VCID-duna-st9c-mqbk |
| summary |
Information Exposure
In Moodle, the quiz web services allow students to see quiz results when it is prohibited in the settings. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.1.10 |
| purl |
pkg:composer/moodle/moodle@3.1.10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-4rz2-b4e3-87g5 |
|
| 3 |
| vulnerability |
VCID-8mgr-gdzj-4ybs |
|
| 4 |
| vulnerability |
VCID-9t4u-n1pn-w3bd |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 9 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 12 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 13 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 14 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 15 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 16 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 17 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 18 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 19 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 20 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 21 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 22 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 23 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 28 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 29 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.10 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@3.2.7 |
| purl |
pkg:composer/moodle/moodle@3.2.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 3 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 4 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 5 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 6 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 7 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 8 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 9 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 10 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 11 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 12 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 13 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 14 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 15 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 16 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 17 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 18 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.7 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@3.3.4 |
| purl |
pkg:composer/moodle/moodle@3.3.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-4rz2-b4e3-87g5 |
|
| 2 |
| vulnerability |
VCID-8mgr-gdzj-4ybs |
|
| 3 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 4 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 5 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 6 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 7 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 8 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 9 |
| vulnerability |
VCID-fygy-9njn-abgd |
|
| 10 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 13 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 14 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 15 |
| vulnerability |
VCID-mmg3-7fz9-5uak |
|
| 16 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 17 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 18 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 19 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 20 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 21 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 22 |
| vulnerability |
VCID-x9vd-njdz-jua9 |
|
| 23 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 24 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 25 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.4 |
|
| 3 |
| url |
pkg:composer/moodle/moodle@3.4.1 |
| purl |
pkg:composer/moodle/moodle@3.4.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-4rz2-b4e3-87g5 |
|
| 3 |
| vulnerability |
VCID-8mgr-gdzj-4ybs |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 6 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 7 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 8 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 9 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 10 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 11 |
| vulnerability |
VCID-fygy-9njn-abgd |
|
| 12 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 13 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 14 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 15 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 16 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 17 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 18 |
| vulnerability |
VCID-mmg3-7fz9-5uak |
|
| 19 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 20 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 21 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 22 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 23 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 24 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 25 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 26 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 27 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 28 |
| vulnerability |
VCID-x9vd-njdz-jua9 |
|
| 29 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 30 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 31 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.1 |
|
|
| aliases |
CVE-2018-1044, GHSA-332g-xh34-5c96
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-duna-st9c-mqbk |
|
| 15 |
| url |
VCID-ea5s-xphb-6ub7 |
| vulnerability_id |
VCID-ea5s-xphb-6ub7 |
| summary |
Exposure of Sensitive Information to an Unauthorized Actor
mod/lti/service.php in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@2.4.11 |
| purl |
pkg:composer/moodle/moodle@2.4.11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-37pj-u3gh-n7fd |
|
| 2 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 6 |
| vulnerability |
VCID-an53-nu91-k3d7 |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eaqp-7abt-6kg9 |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 12 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 13 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 14 |
| vulnerability |
VCID-k6pw-51st-b3d2 |
|
| 15 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 16 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 17 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 18 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 19 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 20 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 21 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-xmm4-zw49-3feh |
|
| 28 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 29 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 30 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 31 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.11 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@2.5.7 |
| purl |
pkg:composer/moodle/moodle@2.5.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-37pj-u3gh-n7fd |
|
| 2 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 6 |
| vulnerability |
VCID-an53-nu91-k3d7 |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eaqp-7abt-6kg9 |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 12 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 13 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 14 |
| vulnerability |
VCID-k6pw-51st-b3d2 |
|
| 15 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 16 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 17 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 18 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 19 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 20 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 21 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-xmm4-zw49-3feh |
|
| 28 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 29 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 30 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 31 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.7 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@2.6.4 |
| purl |
pkg:composer/moodle/moodle@2.6.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-37pj-u3gh-n7fd |
|
| 2 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 6 |
| vulnerability |
VCID-an53-nu91-k3d7 |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eaqp-7abt-6kg9 |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 12 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 13 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 14 |
| vulnerability |
VCID-k6pw-51st-b3d2 |
|
| 15 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 16 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 17 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 18 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 19 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 20 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 21 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-xmm4-zw49-3feh |
|
| 28 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 29 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 30 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 31 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.4 |
|
| 3 |
| url |
pkg:composer/moodle/moodle@2.7.1 |
| purl |
pkg:composer/moodle/moodle@2.7.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2dxb-v1af-jbax |
|
| 1 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 2 |
| vulnerability |
VCID-37pj-u3gh-n7fd |
|
| 3 |
| vulnerability |
VCID-4kq5-ctsv-eka8 |
|
| 4 |
| vulnerability |
VCID-5rbf-4dz3-2qdz |
|
| 5 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 6 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 7 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 8 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 9 |
| vulnerability |
VCID-an53-nu91-k3d7 |
|
| 10 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 11 |
| vulnerability |
VCID-dhku-uah4-ykh8 |
|
| 12 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 13 |
| vulnerability |
VCID-eaqp-7abt-6kg9 |
|
| 14 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 15 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 16 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 17 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 18 |
| vulnerability |
VCID-k6pw-51st-b3d2 |
|
| 19 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 20 |
| vulnerability |
VCID-kgvw-uxf4-wbc1 |
|
| 21 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 22 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 23 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 24 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 25 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 26 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 27 |
| vulnerability |
VCID-s3ue-e5h8-f3dy |
|
| 28 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 29 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 30 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 31 |
| vulnerability |
VCID-vtq4-fpr8-hudb |
|
| 32 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 33 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 34 |
| vulnerability |
VCID-xmm4-zw49-3feh |
|
| 35 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 36 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 37 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 38 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.1 |
|
|
| aliases |
CVE-2014-3542, GHSA-xmwv-mqh8-4xgw
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ea5s-xphb-6ub7 |
|
| 16 |
| url |
VCID-eaqp-7abt-6kg9 |
| vulnerability_id |
VCID-eaqp-7abt-6kg9 |
| summary |
Improper Access Control
The `save_submission` function in `mod/assign/externallib.php` in Moodle allows remote authenticated users to bypass intended due-date restrictions by leveraging the student role for a web-service request. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@2.7.0-beta |
| purl |
pkg:composer/moodle/moodle@2.7.0-beta |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 2 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 3 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 4 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 5 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 6 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 7 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 8 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 9 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 10 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 11 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 12 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 13 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 14 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 15 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 16 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 17 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 18 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 19 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 20 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 21 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 22 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 23 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 24 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 25 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 26 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.0-beta |
|
| 1 |
| url |
pkg:composer/moodle/moodle@2.7.13 |
| purl |
pkg:composer/moodle/moodle@2.7.13 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2dxb-v1af-jbax |
|
| 1 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 2 |
| vulnerability |
VCID-4kq5-ctsv-eka8 |
|
| 3 |
| vulnerability |
VCID-5rbf-4dz3-2qdz |
|
| 4 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 5 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 6 |
| vulnerability |
VCID-8cc1-hbzm-87bx |
|
| 7 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 8 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 9 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 10 |
| vulnerability |
VCID-dhku-uah4-ykh8 |
|
| 11 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 12 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 13 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 14 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 15 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 16 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 17 |
| vulnerability |
VCID-kgvw-uxf4-wbc1 |
|
| 18 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 19 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 20 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 21 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 22 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 23 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 24 |
| vulnerability |
VCID-s3ue-e5h8-f3dy |
|
| 25 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 26 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 27 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 28 |
| vulnerability |
VCID-vtq4-fpr8-hudb |
|
| 29 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 30 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 31 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 32 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 33 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 34 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.13 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@2.8.11 |
| purl |
pkg:composer/moodle/moodle@2.8.11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-4kq5-ctsv-eka8 |
|
| 2 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-8cc1-hbzm-87bx |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 10 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 13 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 14 |
| vulnerability |
VCID-kgvw-uxf4-wbc1 |
|
| 15 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 16 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 17 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 18 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 19 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 20 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 21 |
| vulnerability |
VCID-s3ue-e5h8-f3dy |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 28 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 29 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 30 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.11 |
|
| 3 |
| url |
pkg:composer/moodle/moodle@2.9.5 |
| purl |
pkg:composer/moodle/moodle@2.9.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-4kq5-ctsv-eka8 |
|
| 2 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-8cc1-hbzm-87bx |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 10 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 13 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 14 |
| vulnerability |
VCID-kgvw-uxf4-wbc1 |
|
| 15 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 16 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 17 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 18 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 19 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 20 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 21 |
| vulnerability |
VCID-s3ue-e5h8-f3dy |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 28 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 29 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 30 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.5 |
|
| 4 |
| url |
pkg:composer/moodle/moodle@3.0.3 |
| purl |
pkg:composer/moodle/moodle@3.0.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2dxb-v1af-jbax |
|
| 1 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 2 |
| vulnerability |
VCID-4kq5-ctsv-eka8 |
|
| 3 |
| vulnerability |
VCID-5rbf-4dz3-2qdz |
|
| 4 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 5 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 6 |
| vulnerability |
VCID-8cc1-hbzm-87bx |
|
| 7 |
| vulnerability |
VCID-9nd7-4wve-97hc |
|
| 8 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 9 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 10 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 11 |
| vulnerability |
VCID-dhku-uah4-ykh8 |
|
| 12 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 13 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 14 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 15 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 16 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 17 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 18 |
| vulnerability |
VCID-kgvw-uxf4-wbc1 |
|
| 19 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 20 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 21 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 22 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 23 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 24 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 25 |
| vulnerability |
VCID-s3ue-e5h8-f3dy |
|
| 26 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 27 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 28 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 29 |
| vulnerability |
VCID-vtq4-fpr8-hudb |
|
| 30 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 31 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 32 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 33 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 34 |
| vulnerability |
VCID-zgzm-wj81-jkah |
|
| 35 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 36 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.3 |
|
|
| aliases |
CVE-2016-2159, GHSA-cw72-69wq-f9f2
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-eaqp-7abt-6kg9 |
|
| 17 |
| url |
VCID-eu27-a3px-87ed |
| vulnerability_id |
VCID-eu27-a3px-87ed |
| summary |
Improper Access Control
Teachers in an assignment group could modify group overrides for other groups in the same assignment. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.5.7 |
| purl |
pkg:composer/moodle/moodle@3.5.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 1 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 2 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 3 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-bbj9-hpz3-xqhh |
|
| 6 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 7 |
| vulnerability |
VCID-dpd2-1sqc-qqfy |
|
| 8 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 9 |
| vulnerability |
VCID-gnez-ehgq-rfbr |
|
| 10 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 13 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 14 |
| vulnerability |
VCID-mhm4-8kuk-t7b6 |
|
| 15 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 16 |
| vulnerability |
VCID-mqde-66zm-qbbj |
|
| 17 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 18 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 19 |
| vulnerability |
VCID-pgfa-bkaw-q7cq |
|
| 20 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 21 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 22 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.7 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@3.7.1 |
| purl |
pkg:composer/moodle/moodle@3.7.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 1 |
| vulnerability |
VCID-3uvf-6ztd-xkaf |
|
| 2 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 3 |
| vulnerability |
VCID-494p-pmxw-b7e2 |
|
| 4 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 5 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 6 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 7 |
| vulnerability |
VCID-c14d-1sa2-rkf6 |
|
| 8 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 9 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 10 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 13 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 14 |
| vulnerability |
VCID-n5tc-1k33-dfeq |
|
| 15 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 16 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 17 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 18 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.1 |
|
|
| aliases |
CVE-2019-10189, GHSA-h7xp-7fjp-ghhc
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-eu27-a3px-87ed |
|
| 18 |
| url |
VCID-fsex-f512-pudv |
| vulnerability_id |
VCID-fsex-f512-pudv |
| summary |
Injection Vulnerability
In Moodle, text injection can occur in email headers, potentially leading to outbound spam. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@2.7.15 |
| purl |
pkg:composer/moodle/moodle@2.7.15 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2dxb-v1af-jbax |
|
| 1 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 2 |
| vulnerability |
VCID-5rbf-4dz3-2qdz |
|
| 3 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 4 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-dhku-uah4-ykh8 |
|
| 9 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 13 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 14 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 15 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 16 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 17 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 18 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 19 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 20 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 21 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 22 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 23 |
| vulnerability |
VCID-vtq4-fpr8-hudb |
|
| 24 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 25 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 26 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 27 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 28 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 29 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.15 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@2.9.0-beta |
| purl |
pkg:composer/moodle/moodle@2.9.0-beta |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 2 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 3 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 4 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 5 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 6 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 7 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 8 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 9 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 10 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 11 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 12 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 13 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 14 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 15 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 16 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 17 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 18 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 19 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 20 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 21 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 22 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 23 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.0-beta |
|
| 2 |
| url |
pkg:composer/moodle/moodle@2.9.7 |
| purl |
pkg:composer/moodle/moodle@2.9.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 2 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 3 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 4 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 5 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 6 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 7 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 8 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 9 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 10 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 11 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 12 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 13 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 14 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 15 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 16 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 17 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 18 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 19 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 20 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 21 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 22 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 23 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 24 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 25 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.7 |
|
| 3 |
| url |
pkg:composer/moodle/moodle@3.0.5 |
| purl |
pkg:composer/moodle/moodle@3.0.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2dxb-v1af-jbax |
|
| 1 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 2 |
| vulnerability |
VCID-5rbf-4dz3-2qdz |
|
| 3 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 4 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 5 |
| vulnerability |
VCID-9nd7-4wve-97hc |
|
| 6 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 7 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 8 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 9 |
| vulnerability |
VCID-dhku-uah4-ykh8 |
|
| 10 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 11 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 12 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 13 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 14 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 15 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 16 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 17 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 18 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 19 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 20 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 21 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 22 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 23 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 24 |
| vulnerability |
VCID-vtq4-fpr8-hudb |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 28 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 29 |
| vulnerability |
VCID-zgzm-wj81-jkah |
|
| 30 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 31 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.5 |
|
| 4 |
| url |
pkg:composer/moodle/moodle@3.1.1 |
| purl |
pkg:composer/moodle/moodle@3.1.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2dxb-v1af-jbax |
|
| 1 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 2 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 3 |
| vulnerability |
VCID-4rz2-b4e3-87g5 |
|
| 4 |
| vulnerability |
VCID-5rbf-4dz3-2qdz |
|
| 5 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 6 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 7 |
| vulnerability |
VCID-8mgr-gdzj-4ybs |
|
| 8 |
| vulnerability |
VCID-9nd7-4wve-97hc |
|
| 9 |
| vulnerability |
VCID-9t4u-n1pn-w3bd |
|
| 10 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 11 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 12 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 13 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 14 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 15 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 16 |
| vulnerability |
VCID-dhku-uah4-ykh8 |
|
| 17 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 18 |
| vulnerability |
VCID-e2zc-7ujn-wybu |
|
| 19 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 20 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 21 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 22 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 23 |
| vulnerability |
VCID-jn5n-6hg9-tyf7 |
|
| 24 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 25 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 26 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 27 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 28 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 29 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 30 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 31 |
| vulnerability |
VCID-q2fa-jymp-c3bb |
|
| 32 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 33 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 34 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 35 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 36 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 37 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 38 |
| vulnerability |
VCID-vtq4-fpr8-hudb |
|
| 39 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 40 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 41 |
| vulnerability |
VCID-x927-nh46-7fdy |
|
| 42 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 43 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 44 |
| vulnerability |
VCID-yp82-zj5g-pbaf |
|
| 45 |
| vulnerability |
VCID-zgzm-wj81-jkah |
|
| 46 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 47 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.1 |
|
|
| aliases |
CVE-2016-5013, GHSA-2hh3-jmv8-5fmx
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fsex-f512-pudv |
|
| 19 |
| url |
VCID-fu6f-fjmn-g7eh |
| vulnerability_id |
VCID-fu6f-fjmn-g7eh |
| summary |
Moodle allows remote authenticated users to reassign notes
notes/edit.php in Moodle 1.9.x through 1.9.19, 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote authenticated users to reassign notes via a modified (1) userid or (2) courseid field. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@2.4.2 |
| purl |
pkg:composer/moodle/moodle@2.4.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-37pj-u3gh-n7fd |
|
| 2 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 6 |
| vulnerability |
VCID-an53-nu91-k3d7 |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eaqp-7abt-6kg9 |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 12 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 13 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 14 |
| vulnerability |
VCID-k6pw-51st-b3d2 |
|
| 15 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 16 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 17 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 18 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 19 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 20 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 21 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-xmm4-zw49-3feh |
|
| 28 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 29 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 30 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 31 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.2 |
|
|
| aliases |
CVE-2013-1834, GHSA-prrh-679x-79qh
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fu6f-fjmn-g7eh |
|
| 20 |
| url |
VCID-fwn7-hez1-ayhj |
| vulnerability_id |
VCID-fwn7-hez1-ayhj |
| summary |
Exposure of Sensitive Information to an Unauthorized Actor
Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote authenticated administrators to obtain sensitive information from the external repositories of arbitrary users by leveraging the login_as feature. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@2.4.2 |
| purl |
pkg:composer/moodle/moodle@2.4.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-37pj-u3gh-n7fd |
|
| 2 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 6 |
| vulnerability |
VCID-an53-nu91-k3d7 |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eaqp-7abt-6kg9 |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 12 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 13 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 14 |
| vulnerability |
VCID-k6pw-51st-b3d2 |
|
| 15 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 16 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 17 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 18 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 19 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 20 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 21 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-xmm4-zw49-3feh |
|
| 28 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 29 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 30 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 31 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.2 |
|
|
| aliases |
CVE-2013-1835, GHSA-cc94-hwj3-rf65
|
| risk_score |
1.4 |
| exploitability |
0.5 |
| weighted_severity |
2.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fwn7-hez1-ayhj |
|
| 21 |
| url |
VCID-h8xn-n98n-qqdv |
| vulnerability_id |
VCID-h8xn-n98n-qqdv |
| summary |
Exposure of Sensitive Information to an Unauthorized Actor
mod/imscp/locallib.php in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote attackers to read arbitrary files via a package with a manifest file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue affecting IMSCP resources and the IMSCC format. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@2.4.11 |
| purl |
pkg:composer/moodle/moodle@2.4.11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-37pj-u3gh-n7fd |
|
| 2 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 6 |
| vulnerability |
VCID-an53-nu91-k3d7 |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eaqp-7abt-6kg9 |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 12 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 13 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 14 |
| vulnerability |
VCID-k6pw-51st-b3d2 |
|
| 15 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 16 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 17 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 18 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 19 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 20 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 21 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-xmm4-zw49-3feh |
|
| 28 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 29 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 30 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 31 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.11 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@2.5.7 |
| purl |
pkg:composer/moodle/moodle@2.5.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-37pj-u3gh-n7fd |
|
| 2 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 6 |
| vulnerability |
VCID-an53-nu91-k3d7 |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eaqp-7abt-6kg9 |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 12 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 13 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 14 |
| vulnerability |
VCID-k6pw-51st-b3d2 |
|
| 15 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 16 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 17 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 18 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 19 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 20 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 21 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-xmm4-zw49-3feh |
|
| 28 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 29 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 30 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 31 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.7 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@2.6.4 |
| purl |
pkg:composer/moodle/moodle@2.6.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-37pj-u3gh-n7fd |
|
| 2 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 6 |
| vulnerability |
VCID-an53-nu91-k3d7 |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eaqp-7abt-6kg9 |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 12 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 13 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 14 |
| vulnerability |
VCID-k6pw-51st-b3d2 |
|
| 15 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 16 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 17 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 18 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 19 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 20 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 21 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-xmm4-zw49-3feh |
|
| 28 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 29 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 30 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 31 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.4 |
|
| 3 |
| url |
pkg:composer/moodle/moodle@2.7.1 |
| purl |
pkg:composer/moodle/moodle@2.7.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2dxb-v1af-jbax |
|
| 1 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 2 |
| vulnerability |
VCID-37pj-u3gh-n7fd |
|
| 3 |
| vulnerability |
VCID-4kq5-ctsv-eka8 |
|
| 4 |
| vulnerability |
VCID-5rbf-4dz3-2qdz |
|
| 5 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 6 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 7 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 8 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 9 |
| vulnerability |
VCID-an53-nu91-k3d7 |
|
| 10 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 11 |
| vulnerability |
VCID-dhku-uah4-ykh8 |
|
| 12 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 13 |
| vulnerability |
VCID-eaqp-7abt-6kg9 |
|
| 14 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 15 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 16 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 17 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 18 |
| vulnerability |
VCID-k6pw-51st-b3d2 |
|
| 19 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 20 |
| vulnerability |
VCID-kgvw-uxf4-wbc1 |
|
| 21 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 22 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 23 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 24 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 25 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 26 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 27 |
| vulnerability |
VCID-s3ue-e5h8-f3dy |
|
| 28 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 29 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 30 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 31 |
| vulnerability |
VCID-vtq4-fpr8-hudb |
|
| 32 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 33 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 34 |
| vulnerability |
VCID-xmm4-zw49-3feh |
|
| 35 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 36 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 37 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 38 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.1 |
|
|
| aliases |
CVE-2014-3543, GHSA-27j2-c838-c3qg
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-h8xn-n98n-qqdv |
|
| 22 |
|
| 23 |
| url |
VCID-k1bh-ymgt-e7cd |
| vulnerability_id |
VCID-k1bh-ymgt-e7cd |
| summary |
Unrestricted Upload of File with Dangerous Type
Unrestricted file upload vulnerability in the double extension support in the "image" module in Moodle allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, and then accessing it via unspecified vectors. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.1.3 |
| purl |
pkg:composer/moodle/moodle@3.1.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2dxb-v1af-jbax |
|
| 1 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 2 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 3 |
| vulnerability |
VCID-4rz2-b4e3-87g5 |
|
| 4 |
| vulnerability |
VCID-5rbf-4dz3-2qdz |
|
| 5 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 6 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 7 |
| vulnerability |
VCID-8mgr-gdzj-4ybs |
|
| 8 |
| vulnerability |
VCID-9nd7-4wve-97hc |
|
| 9 |
| vulnerability |
VCID-9t4u-n1pn-w3bd |
|
| 10 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 11 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 12 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 13 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 14 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 15 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 16 |
| vulnerability |
VCID-dhku-uah4-ykh8 |
|
| 17 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 18 |
| vulnerability |
VCID-e2zc-7ujn-wybu |
|
| 19 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 20 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 21 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 22 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 23 |
| vulnerability |
VCID-jn5n-6hg9-tyf7 |
|
| 24 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 25 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 26 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 27 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 28 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 29 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 30 |
| vulnerability |
VCID-q2fa-jymp-c3bb |
|
| 31 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 32 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 33 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 34 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 35 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 36 |
| vulnerability |
VCID-vtq4-fpr8-hudb |
|
| 37 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 38 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 39 |
| vulnerability |
VCID-x927-nh46-7fdy |
|
| 40 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 41 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 42 |
| vulnerability |
VCID-yp82-zj5g-pbaf |
|
| 43 |
| vulnerability |
VCID-zgzm-wj81-jkah |
|
| 44 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 45 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.3 |
|
|
| aliases |
CVE-2016-9187, GHSA-58fm-v4pr-jh8p
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-k1bh-ymgt-e7cd |
|
| 24 |
| url |
VCID-k6pw-51st-b3d2 |
| vulnerability_id |
VCID-k6pw-51st-b3d2 |
| summary |
Cross-site Scripting
Cross-site scripting (XSS) vulnerability in the `advanced-search` feature in `mod_data` in Moodle allows remote attackers to inject arbitrary web script or HTML via a crafted field in a URL. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@2.7.0-beta |
| purl |
pkg:composer/moodle/moodle@2.7.0-beta |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 2 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 3 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 4 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 5 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 6 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 7 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 8 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 9 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 10 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 11 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 12 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 13 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 14 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 15 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 16 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 17 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 18 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 19 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 20 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 21 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 22 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 23 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 24 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 25 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 26 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.0-beta |
|
| 1 |
| url |
pkg:composer/moodle/moodle@2.7.13 |
| purl |
pkg:composer/moodle/moodle@2.7.13 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2dxb-v1af-jbax |
|
| 1 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 2 |
| vulnerability |
VCID-4kq5-ctsv-eka8 |
|
| 3 |
| vulnerability |
VCID-5rbf-4dz3-2qdz |
|
| 4 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 5 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 6 |
| vulnerability |
VCID-8cc1-hbzm-87bx |
|
| 7 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 8 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 9 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 10 |
| vulnerability |
VCID-dhku-uah4-ykh8 |
|
| 11 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 12 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 13 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 14 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 15 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 16 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 17 |
| vulnerability |
VCID-kgvw-uxf4-wbc1 |
|
| 18 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 19 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 20 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 21 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 22 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 23 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 24 |
| vulnerability |
VCID-s3ue-e5h8-f3dy |
|
| 25 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 26 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 27 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 28 |
| vulnerability |
VCID-vtq4-fpr8-hudb |
|
| 29 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 30 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 31 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 32 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 33 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 34 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.13 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@2.8.11 |
| purl |
pkg:composer/moodle/moodle@2.8.11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-4kq5-ctsv-eka8 |
|
| 2 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-8cc1-hbzm-87bx |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 10 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 13 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 14 |
| vulnerability |
VCID-kgvw-uxf4-wbc1 |
|
| 15 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 16 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 17 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 18 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 19 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 20 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 21 |
| vulnerability |
VCID-s3ue-e5h8-f3dy |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 28 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 29 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 30 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.11 |
|
| 3 |
| url |
pkg:composer/moodle/moodle@2.9.5 |
| purl |
pkg:composer/moodle/moodle@2.9.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-4kq5-ctsv-eka8 |
|
| 2 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-8cc1-hbzm-87bx |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 10 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 13 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 14 |
| vulnerability |
VCID-kgvw-uxf4-wbc1 |
|
| 15 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 16 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 17 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 18 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 19 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 20 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 21 |
| vulnerability |
VCID-s3ue-e5h8-f3dy |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 28 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 29 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 30 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.5 |
|
| 4 |
| url |
pkg:composer/moodle/moodle@3.0.3 |
| purl |
pkg:composer/moodle/moodle@3.0.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2dxb-v1af-jbax |
|
| 1 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 2 |
| vulnerability |
VCID-4kq5-ctsv-eka8 |
|
| 3 |
| vulnerability |
VCID-5rbf-4dz3-2qdz |
|
| 4 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 5 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 6 |
| vulnerability |
VCID-8cc1-hbzm-87bx |
|
| 7 |
| vulnerability |
VCID-9nd7-4wve-97hc |
|
| 8 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 9 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 10 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 11 |
| vulnerability |
VCID-dhku-uah4-ykh8 |
|
| 12 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 13 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 14 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 15 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 16 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 17 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 18 |
| vulnerability |
VCID-kgvw-uxf4-wbc1 |
|
| 19 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 20 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 21 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 22 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 23 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 24 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 25 |
| vulnerability |
VCID-s3ue-e5h8-f3dy |
|
| 26 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 27 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 28 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 29 |
| vulnerability |
VCID-vtq4-fpr8-hudb |
|
| 30 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 31 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 32 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 33 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 34 |
| vulnerability |
VCID-zgzm-wj81-jkah |
|
| 35 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 36 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.3 |
|
|
| aliases |
CVE-2016-2153, GHSA-mj85-3hqq-r6r9
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-k6pw-51st-b3d2 |
|
| 25 |
| url |
VCID-k73h-z6j8-gkgz |
| vulnerability_id |
VCID-k73h-z6j8-gkgz |
| summary |
Information Exposure
The `/userpix/` page did not escape users' full names, which are included as text when hovering over profile images. Note this page is not linked to by default and its access is restricted. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.1.0-beta |
| purl |
pkg:composer/moodle/moodle@3.1.0-beta |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 3 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 4 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 5 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 6 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 7 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 8 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 9 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 10 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 11 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 12 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 13 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 14 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 15 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 16 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 17 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 18 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.0-beta |
|
| 1 |
| url |
pkg:composer/moodle/moodle@3.1.15 |
| purl |
pkg:composer/moodle/moodle@3.1.15 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-9t4u-n1pn-w3bd |
|
| 3 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 4 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 5 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 6 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 7 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 8 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 9 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 10 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 11 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 12 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 13 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 14 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 15 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 16 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 17 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 18 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 19 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.15 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@3.1.16 |
| purl |
pkg:composer/moodle/moodle@3.1.16 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 3 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 4 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 5 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 6 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 7 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 8 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 9 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 10 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 11 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 12 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 13 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 14 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 15 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 16 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.16 |
|
| 3 |
| url |
pkg:composer/moodle/moodle@3.4.6 |
| purl |
pkg:composer/moodle/moodle@3.4.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 3 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 4 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 5 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 6 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 7 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 8 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 9 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 10 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 11 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 12 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 13 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 14 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 15 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 16 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 17 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 18 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.6 |
|
| 4 |
| url |
pkg:composer/moodle/moodle@3.4.7 |
| purl |
pkg:composer/moodle/moodle@3.4.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 3 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 4 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 5 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 6 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 7 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 8 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 9 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 10 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 11 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 12 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 13 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 14 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 15 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 16 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.7 |
|
| 5 |
| url |
pkg:composer/moodle/moodle@3.5.3 |
| purl |
pkg:composer/moodle/moodle@3.5.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 3 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 4 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 5 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 6 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 7 |
| vulnerability |
VCID-akv3-zfp8-kkc7 |
|
| 8 |
| vulnerability |
VCID-bbj9-hpz3-xqhh |
|
| 9 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 10 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 11 |
| vulnerability |
VCID-dpd2-1sqc-qqfy |
|
| 12 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 13 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 14 |
| vulnerability |
VCID-gnez-ehgq-rfbr |
|
| 15 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 16 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 17 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 18 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 19 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 20 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 21 |
| vulnerability |
VCID-mhm4-8kuk-t7b6 |
|
| 22 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 23 |
| vulnerability |
VCID-mqde-66zm-qbbj |
|
| 24 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 25 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 26 |
| vulnerability |
VCID-pgfa-bkaw-q7cq |
|
| 27 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 28 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 29 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 30 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 31 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 32 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 33 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 34 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 35 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 36 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.3 |
|
| 6 |
| url |
pkg:composer/moodle/moodle@3.5.4 |
| purl |
pkg:composer/moodle/moodle@3.5.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 2 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 3 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 4 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-akv3-zfp8-kkc7 |
|
| 7 |
| vulnerability |
VCID-bbj9-hpz3-xqhh |
|
| 8 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 9 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 10 |
| vulnerability |
VCID-dpd2-1sqc-qqfy |
|
| 11 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 12 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 13 |
| vulnerability |
VCID-gnez-ehgq-rfbr |
|
| 14 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 15 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 16 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 17 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 18 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 19 |
| vulnerability |
VCID-mhm4-8kuk-t7b6 |
|
| 20 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 21 |
| vulnerability |
VCID-mqde-66zm-qbbj |
|
| 22 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 23 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 24 |
| vulnerability |
VCID-pgfa-bkaw-q7cq |
|
| 25 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 26 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 27 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 28 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 29 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 30 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 31 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 32 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 33 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 34 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.4 |
|
| 7 |
| url |
pkg:composer/moodle/moodle@3.6.1 |
| purl |
pkg:composer/moodle/moodle@3.6.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 3 |
| vulnerability |
VCID-akv3-zfp8-kkc7 |
|
| 4 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 5 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 6 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 7 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 8 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 9 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 10 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 11 |
| vulnerability |
VCID-n5tc-1k33-dfeq |
|
| 12 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 13 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 14 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 15 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 16 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 17 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 18 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 19 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 20 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 21 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 22 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.1 |
|
| 8 |
| url |
pkg:composer/moodle/moodle@3.6.2 |
| purl |
pkg:composer/moodle/moodle@3.6.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-akv3-zfp8-kkc7 |
|
| 3 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 4 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 5 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 6 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 7 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 8 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 9 |
| vulnerability |
VCID-n5tc-1k33-dfeq |
|
| 10 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 11 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 12 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 13 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 14 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 15 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 16 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 17 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 18 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 19 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 20 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.2 |
|
|
| aliases |
CVE-2019-3810, GHSA-wm4w-8vc6-2j4h
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-k73h-z6j8-gkgz |
|
| 26 |
|
| 27 |
| url |
VCID-m4zv-e3dn-budf |
| vulnerability_id |
VCID-m4zv-e3dn-budf |
| summary |
Improper Access Control
Unauthenticated users can trigger custom messages to admin via paypal enrol script. Paypal IPN callback script should only send error emails to admin after request origin was verified, otherwise admin email can be spammed. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.1.0-beta |
| purl |
pkg:composer/moodle/moodle@3.1.0-beta |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 3 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 4 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 5 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 6 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 7 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 8 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 9 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 10 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 11 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 12 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 13 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 14 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 15 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 16 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 17 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 18 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.0-beta |
|
| 1 |
| url |
pkg:composer/moodle/moodle@3.1.11 |
| purl |
pkg:composer/moodle/moodle@3.1.11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-4rz2-b4e3-87g5 |
|
| 3 |
| vulnerability |
VCID-8mgr-gdzj-4ybs |
|
| 4 |
| vulnerability |
VCID-9t4u-n1pn-w3bd |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 9 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 12 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 13 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 14 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 15 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 16 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 17 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 18 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 19 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 20 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 21 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 24 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 25 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 26 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 27 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 28 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.11 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@3.2.8 |
| purl |
pkg:composer/moodle/moodle@3.2.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 3 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 4 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 5 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 6 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 7 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 8 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 9 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 10 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 11 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 12 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 13 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 14 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 15 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 16 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 17 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.8 |
|
| 3 |
| url |
pkg:composer/moodle/moodle@3.3.5 |
| purl |
pkg:composer/moodle/moodle@3.3.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-4rz2-b4e3-87g5 |
|
| 2 |
| vulnerability |
VCID-8mgr-gdzj-4ybs |
|
| 3 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 4 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 5 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 6 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 7 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 8 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 9 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 10 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 11 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 12 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 13 |
| vulnerability |
VCID-mmg3-7fz9-5uak |
|
| 14 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 15 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 16 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 17 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 18 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 19 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 20 |
| vulnerability |
VCID-x9vd-njdz-jua9 |
|
| 21 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 22 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 23 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.5 |
|
| 4 |
| url |
pkg:composer/moodle/moodle@3.4.2 |
| purl |
pkg:composer/moodle/moodle@3.4.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-4rz2-b4e3-87g5 |
|
| 3 |
| vulnerability |
VCID-8mgr-gdzj-4ybs |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 6 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 7 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 8 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 9 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 10 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 11 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 12 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 13 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 14 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 15 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 16 |
| vulnerability |
VCID-mmg3-7fz9-5uak |
|
| 17 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 18 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 19 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 20 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 21 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 24 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 25 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 26 |
| vulnerability |
VCID-x9vd-njdz-jua9 |
|
| 27 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 28 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 29 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.2 |
|
|
| aliases |
CVE-2018-1081, GHSA-v9xq-vh72-chr4
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-m4zv-e3dn-budf |
|
| 28 |
| url |
VCID-mh2f-ytz5-9fhg |
| vulnerability_id |
VCID-mh2f-ytz5-9fhg |
| summary |
PHP Spellchecker addon for TinyMCE allows attackers to trigger arbitrary outbound HTTP requests
classes/GoogleSpell.php in the PHP Spellchecker (aka Google Spellchecker) addon before 2.0.6.1 for TinyMCE, as used in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 and other products, does not properly handle control characters, which allows remote attackers to trigger arbitrary outbound HTTP requests via a crafted string. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@2.4.1 |
| purl |
pkg:composer/moodle/moodle@2.4.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-37pj-u3gh-n7fd |
|
| 2 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 6 |
| vulnerability |
VCID-an53-nu91-k3d7 |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eaqp-7abt-6kg9 |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 12 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 13 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 14 |
| vulnerability |
VCID-k6pw-51st-b3d2 |
|
| 15 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 16 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 17 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 18 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 19 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 20 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 21 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-xmm4-zw49-3feh |
|
| 28 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 29 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 30 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 31 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.1 |
|
|
| aliases |
CVE-2012-6112, GHSA-fx5h-3786-h2w6
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mh2f-ytz5-9fhg |
|
| 29 |
| url |
VCID-mkfz-e1ft-2bcw |
| vulnerability_id |
VCID-mkfz-e1ft-2bcw |
| summary |
Code Injection
It was found in Moodle that it was possible for site administrators to execute arbitrary PHP scripts via a PHP include used during Shibboleth authentication. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2021-20187, GHSA-2jrm-gww7-wch2
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mkfz-e1ft-2bcw |
|
| 30 |
| url |
VCID-nntc-dsz1-e3fp |
| vulnerability_id |
VCID-nntc-dsz1-e3fp |
| summary |
Cross-site Scripting
It was found in Moodle that if the TeX notation filter was enabled, additional sanitizing of TeX content was required to prevent the risk of stored XSS. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2021-20186, GHSA-h8m4-h385-qhqv
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-nntc-dsz1-e3fp |
|
| 31 |
| url |
VCID-qgn8-zs2m-vkc4 |
| vulnerability_id |
VCID-qgn8-zs2m-vkc4 |
| summary |
Moodle is vulnerable to Sensitive Information Disclosure
The core_grade component in Moodle through 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not properly consider the existence of hidden grades, which allows remote authenticated users to obtain sensitive information by leveraging the student role and reading the Gradebook Overview report. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@2.4.4 |
| purl |
pkg:composer/moodle/moodle@2.4.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-37pj-u3gh-n7fd |
|
| 2 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 6 |
| vulnerability |
VCID-an53-nu91-k3d7 |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eaqp-7abt-6kg9 |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 12 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 13 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 14 |
| vulnerability |
VCID-k6pw-51st-b3d2 |
|
| 15 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 16 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 17 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 18 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 19 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 20 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 21 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-xmm4-zw49-3feh |
|
| 28 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 29 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 30 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 31 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.4 |
|
|
| aliases |
CVE-2013-2080, GHSA-wmmc-qjq2-vvm2
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qgn8-zs2m-vkc4 |
|
| 32 |
| url |
VCID-qhv1-wgpm-7fh6 |
| vulnerability_id |
VCID-qhv1-wgpm-7fh6 |
| summary |
Improper Authorization
Users could assign themselves an escalated role within courses or content accessed via LTI, by modifying the request to the LTI publisher site. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@3.5.5 |
| purl |
pkg:composer/moodle/moodle@3.5.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 2 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 3 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 4 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-bbj9-hpz3-xqhh |
|
| 7 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 8 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 9 |
| vulnerability |
VCID-dpd2-1sqc-qqfy |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 12 |
| vulnerability |
VCID-gnez-ehgq-rfbr |
|
| 13 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 14 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 15 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 16 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 17 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 18 |
| vulnerability |
VCID-mhm4-8kuk-t7b6 |
|
| 19 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 20 |
| vulnerability |
VCID-mqde-66zm-qbbj |
|
| 21 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 22 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 23 |
| vulnerability |
VCID-pgfa-bkaw-q7cq |
|
| 24 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 25 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 26 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 27 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 28 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 29 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.5 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@3.6.3 |
| purl |
pkg:composer/moodle/moodle@3.6.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 3 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 4 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 5 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 6 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 7 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 8 |
| vulnerability |
VCID-n5tc-1k33-dfeq |
|
| 9 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 10 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 11 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 12 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 13 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 14 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 15 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.3 |
|
|
| aliases |
CVE-2019-3849, GHSA-5wg9-5w3f-hxmh
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qhv1-wgpm-7fh6 |
|
| 33 |
| url |
VCID-qpu2-8paz-7ydv |
| vulnerability_id |
VCID-qpu2-8paz-7ydv |
| summary |
Exposure of Sensitive Information to an Unauthorized Actor
The blind-marking implementation in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allows remote authenticated users to de-anonymize student identities by (1) using a screen reader or (2) reading the HTML source. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@2.4.10 |
| purl |
pkg:composer/moodle/moodle@2.4.10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-37pj-u3gh-n7fd |
|
| 2 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 6 |
| vulnerability |
VCID-an53-nu91-k3d7 |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eaqp-7abt-6kg9 |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 12 |
| vulnerability |
VCID-h8xn-n98n-qqdv |
|
| 13 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 14 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 15 |
| vulnerability |
VCID-k6pw-51st-b3d2 |
|
| 16 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 17 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 18 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 19 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 20 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 21 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 22 |
| vulnerability |
VCID-qxyw-7hnt-hqd6 |
|
| 23 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 24 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 25 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 26 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 27 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 28 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 29 |
| vulnerability |
VCID-xmm4-zw49-3feh |
|
| 30 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 31 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 32 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 33 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.10 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@2.5.6 |
| purl |
pkg:composer/moodle/moodle@2.5.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-37pj-u3gh-n7fd |
|
| 2 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 6 |
| vulnerability |
VCID-an53-nu91-k3d7 |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eaqp-7abt-6kg9 |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 12 |
| vulnerability |
VCID-h8xn-n98n-qqdv |
|
| 13 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 14 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 15 |
| vulnerability |
VCID-k6pw-51st-b3d2 |
|
| 16 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 17 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 18 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 19 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 20 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 21 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 22 |
| vulnerability |
VCID-qxyw-7hnt-hqd6 |
|
| 23 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 24 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 25 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 26 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 27 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 28 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 29 |
| vulnerability |
VCID-xmm4-zw49-3feh |
|
| 30 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 31 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 32 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 33 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.6 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@2.7.0 |
| purl |
pkg:composer/moodle/moodle@2.7.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1ehh-qz6c-ykhp |
|
| 1 |
| vulnerability |
VCID-1rar-m2g3-27ag |
|
| 2 |
| vulnerability |
VCID-1z6j-fs6f-eua1 |
|
| 3 |
| vulnerability |
VCID-29yj-e9bd-queq |
|
| 4 |
| vulnerability |
VCID-2dxb-v1af-jbax |
|
| 5 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 6 |
| vulnerability |
VCID-2y3m-yuaj-vkf2 |
|
| 7 |
| vulnerability |
VCID-37j1-ym2f-1fbc |
|
| 8 |
| vulnerability |
VCID-37pj-u3gh-n7fd |
|
| 9 |
| vulnerability |
VCID-3xwm-hqap-8bct |
|
| 10 |
| vulnerability |
VCID-46jw-xjbu-b3f1 |
|
| 11 |
| vulnerability |
VCID-4cx7-eaax-8uhr |
|
| 12 |
| vulnerability |
VCID-4kq5-ctsv-eka8 |
|
| 13 |
| vulnerability |
VCID-5c29-qn3p-3yde |
|
| 14 |
| vulnerability |
VCID-5nfq-4syg-87da |
|
| 15 |
| vulnerability |
VCID-5rbf-4dz3-2qdz |
|
| 16 |
| vulnerability |
VCID-5vx4-qtb2-fqe9 |
|
| 17 |
| vulnerability |
VCID-62yh-cpfr-9bb1 |
|
| 18 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 19 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 20 |
| vulnerability |
VCID-8cc1-hbzm-87bx |
|
| 21 |
| vulnerability |
VCID-8q4n-d565-kfbn |
|
| 22 |
| vulnerability |
VCID-95mq-m2jz-a3ab |
|
| 23 |
| vulnerability |
VCID-9z66-z9af-17f7 |
|
| 24 |
| vulnerability |
VCID-a3pu-x51u-1udr |
|
| 25 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 26 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 27 |
| vulnerability |
VCID-an53-nu91-k3d7 |
|
| 28 |
| vulnerability |
VCID-aqc8-tmeg-9fdd |
|
| 29 |
| vulnerability |
VCID-b9ej-hx7z-1bb8 |
|
| 30 |
| vulnerability |
VCID-bfmx-cwap-8yhp |
|
| 31 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 32 |
| vulnerability |
VCID-czph-uxwr-5uge |
|
| 33 |
| vulnerability |
VCID-d3yp-gq4c-vyf8 |
|
| 34 |
| vulnerability |
VCID-dhku-uah4-ykh8 |
|
| 35 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 36 |
| vulnerability |
VCID-ea5s-xphb-6ub7 |
|
| 37 |
| vulnerability |
VCID-eaqp-7abt-6kg9 |
|
| 38 |
| vulnerability |
VCID-emu7-jhv2-zqb8 |
|
| 39 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 40 |
| vulnerability |
VCID-evke-m8nn-6ua3 |
|
| 41 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 42 |
| vulnerability |
VCID-fumj-9pun-zfc5 |
|
| 43 |
| vulnerability |
VCID-g4hn-yz26-1beb |
|
| 44 |
| vulnerability |
VCID-gvan-87dt-b7fp |
|
| 45 |
| vulnerability |
VCID-h8xn-n98n-qqdv |
|
| 46 |
| vulnerability |
VCID-hbky-xx53-vkct |
|
| 47 |
| vulnerability |
VCID-hck4-emsr-q7dc |
|
| 48 |
| vulnerability |
VCID-j11s-2mhg-pfdn |
|
| 49 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 50 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 51 |
| vulnerability |
VCID-k6pw-51st-b3d2 |
|
| 52 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 53 |
| vulnerability |
VCID-kgvw-uxf4-wbc1 |
|
| 54 |
| vulnerability |
VCID-krn6-pwk5-ake2 |
|
| 55 |
| vulnerability |
VCID-kzwd-2e6n-fkbm |
|
| 56 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 57 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 58 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 59 |
| vulnerability |
VCID-n9uc-b76m-8fbs |
|
| 60 |
| vulnerability |
VCID-nfdb-m7rg-47ca |
|
| 61 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 62 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 63 |
| vulnerability |
VCID-qxyw-7hnt-hqd6 |
|
| 64 |
| vulnerability |
VCID-r3f7-9paf-83ht |
|
| 65 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 66 |
| vulnerability |
VCID-r88h-mteg-yka9 |
|
| 67 |
| vulnerability |
VCID-rdfn-52p2-afa7 |
|
| 68 |
| vulnerability |
VCID-rscq-xx52-2ua8 |
|
| 69 |
| vulnerability |
VCID-s3bw-w61k-eqhy |
|
| 70 |
| vulnerability |
VCID-s3ue-e5h8-f3dy |
|
| 71 |
| vulnerability |
VCID-s5cy-eva4-wbaf |
|
| 72 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 73 |
| vulnerability |
VCID-tmwc-f872-mufw |
|
| 74 |
| vulnerability |
VCID-ucg8-htfc-2bhn |
|
| 75 |
| vulnerability |
VCID-uptz-tj66-7yfk |
|
| 76 |
| vulnerability |
VCID-uvgt-7m5a-xkdc |
|
| 77 |
| vulnerability |
VCID-v4qm-48kk-pfaz |
|
| 78 |
| vulnerability |
VCID-v54t-5thx-1beu |
|
| 79 |
| vulnerability |
VCID-v6ha-ekxw-7bfr |
|
| 80 |
| vulnerability |
VCID-v7zm-cw8w-6yf8 |
|
| 81 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 82 |
| vulnerability |
VCID-vda3-4fgr-gfbw |
|
| 83 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 84 |
| vulnerability |
VCID-vs2j-b4qg-nbgu |
|
| 85 |
| vulnerability |
VCID-vtq4-fpr8-hudb |
|
| 86 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 87 |
| vulnerability |
VCID-wavt-rrws-3yhs |
|
| 88 |
| vulnerability |
VCID-wawr-t9dc-33fj |
|
| 89 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 90 |
| vulnerability |
VCID-xmm4-zw49-3feh |
|
| 91 |
| vulnerability |
VCID-xnmk-jah2-ufce |
|
| 92 |
| vulnerability |
VCID-xy2y-yxfu-xfgm |
|
| 93 |
| vulnerability |
VCID-y2vh-7r7h-9ugu |
|
| 94 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 95 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 96 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 97 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.0 |
|
|
| aliases |
CVE-2014-0215, GHSA-2fmv-j5xj-4fmq
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qpu2-8paz-7ydv |
|
| 34 |
| url |
VCID-qxyw-7hnt-hqd6 |
| vulnerability_id |
VCID-qxyw-7hnt-hqd6 |
| summary |
Improper Control of Generation of Code ('Code Injection')
Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote authenticated users to execute arbitrary code via a calculated question in a quiz. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@2.4.11 |
| purl |
pkg:composer/moodle/moodle@2.4.11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-37pj-u3gh-n7fd |
|
| 2 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 6 |
| vulnerability |
VCID-an53-nu91-k3d7 |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eaqp-7abt-6kg9 |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 12 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 13 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 14 |
| vulnerability |
VCID-k6pw-51st-b3d2 |
|
| 15 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 16 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 17 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 18 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 19 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 20 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 21 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-xmm4-zw49-3feh |
|
| 28 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 29 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 30 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 31 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.11 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@2.5.7 |
| purl |
pkg:composer/moodle/moodle@2.5.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-37pj-u3gh-n7fd |
|
| 2 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 6 |
| vulnerability |
VCID-an53-nu91-k3d7 |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eaqp-7abt-6kg9 |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 12 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 13 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 14 |
| vulnerability |
VCID-k6pw-51st-b3d2 |
|
| 15 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 16 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 17 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 18 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 19 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 20 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 21 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-xmm4-zw49-3feh |
|
| 28 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 29 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 30 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 31 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.7 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@2.6.4 |
| purl |
pkg:composer/moodle/moodle@2.6.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-37pj-u3gh-n7fd |
|
| 2 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 6 |
| vulnerability |
VCID-an53-nu91-k3d7 |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eaqp-7abt-6kg9 |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 12 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 13 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 14 |
| vulnerability |
VCID-k6pw-51st-b3d2 |
|
| 15 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 16 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 17 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 18 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 19 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 20 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 21 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-xmm4-zw49-3feh |
|
| 28 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 29 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 30 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 31 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.4 |
|
| 3 |
| url |
pkg:composer/moodle/moodle@2.7.1 |
| purl |
pkg:composer/moodle/moodle@2.7.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2dxb-v1af-jbax |
|
| 1 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 2 |
| vulnerability |
VCID-37pj-u3gh-n7fd |
|
| 3 |
| vulnerability |
VCID-4kq5-ctsv-eka8 |
|
| 4 |
| vulnerability |
VCID-5rbf-4dz3-2qdz |
|
| 5 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 6 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 7 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 8 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 9 |
| vulnerability |
VCID-an53-nu91-k3d7 |
|
| 10 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 11 |
| vulnerability |
VCID-dhku-uah4-ykh8 |
|
| 12 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 13 |
| vulnerability |
VCID-eaqp-7abt-6kg9 |
|
| 14 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 15 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 16 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 17 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 18 |
| vulnerability |
VCID-k6pw-51st-b3d2 |
|
| 19 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 20 |
| vulnerability |
VCID-kgvw-uxf4-wbc1 |
|
| 21 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 22 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 23 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 24 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 25 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 26 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 27 |
| vulnerability |
VCID-s3ue-e5h8-f3dy |
|
| 28 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 29 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 30 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 31 |
| vulnerability |
VCID-vtq4-fpr8-hudb |
|
| 32 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 33 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 34 |
| vulnerability |
VCID-xmm4-zw49-3feh |
|
| 35 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 36 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 37 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 38 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.1 |
|
|
| aliases |
CVE-2014-3545, GHSA-3m99-h3hp-w9j7
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qxyw-7hnt-hqd6 |
|
| 35 |
| url |
VCID-r6kn-b963-eqge |
| vulnerability_id |
VCID-r6kn-b963-eqge |
| summary |
URL Redirection to Untrusted Site (Open Redirect)
Links within assignment submission comments would open directly (in the same window). Although links themselves may be valid, opening within the same window and without the no-referrer header policy made them more susceptible to exploits. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.1.17 |
| purl |
pkg:composer/moodle/moodle@3.1.17 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 3 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 4 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 5 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 6 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 7 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 8 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 9 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 10 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 11 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 12 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 13 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 14 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.17 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@3.5.5 |
| purl |
pkg:composer/moodle/moodle@3.5.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 2 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 3 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 4 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-bbj9-hpz3-xqhh |
|
| 7 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 8 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 9 |
| vulnerability |
VCID-dpd2-1sqc-qqfy |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 12 |
| vulnerability |
VCID-gnez-ehgq-rfbr |
|
| 13 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 14 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 15 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 16 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 17 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 18 |
| vulnerability |
VCID-mhm4-8kuk-t7b6 |
|
| 19 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 20 |
| vulnerability |
VCID-mqde-66zm-qbbj |
|
| 21 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 22 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 23 |
| vulnerability |
VCID-pgfa-bkaw-q7cq |
|
| 24 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 25 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 26 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 27 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 28 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 29 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.5 |
|
| 3 |
| url |
pkg:composer/moodle/moodle@3.6.3 |
| purl |
pkg:composer/moodle/moodle@3.6.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 3 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 4 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 5 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 6 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 7 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 8 |
| vulnerability |
VCID-n5tc-1k33-dfeq |
|
| 9 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 10 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 11 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 12 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 13 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 14 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 15 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.3 |
|
|
| aliases |
CVE-2019-3850, GHSA-3fj7-9j8m-7r8g
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-r6kn-b963-eqge |
|
| 36 |
| url |
VCID-r7wm-grca-3fgw |
| vulnerability_id |
VCID-r7wm-grca-3fgw |
| summary |
Moodle does not properly manage privileges for WebDAV repositories
Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 does not properly manage privileges for WebDAV repositories, which allows remote authenticated users to read, modify, or delete arbitrary site-wide repositories by leveraging certain read access. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@2.4.2 |
| purl |
pkg:composer/moodle/moodle@2.4.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-37pj-u3gh-n7fd |
|
| 2 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 6 |
| vulnerability |
VCID-an53-nu91-k3d7 |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eaqp-7abt-6kg9 |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 12 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 13 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 14 |
| vulnerability |
VCID-k6pw-51st-b3d2 |
|
| 15 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 16 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 17 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 18 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 19 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 20 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 21 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-xmm4-zw49-3feh |
|
| 28 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 29 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 30 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 31 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.2 |
|
|
| aliases |
CVE-2013-1836, GHSA-664q-mrxx-2x2v
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-r7wm-grca-3fgw |
|
| 37 |
| url |
VCID-s6uu-335k-yfbc |
| vulnerability_id |
VCID-s6uu-335k-yfbc |
| summary |
Improper Input Validation
Users with the "login as other users" capability (such as administrators/managers) can access other users' Dashboards, but the JavaScript those other users may have added to their Dashboard was not being escaped when being viewed by the user logging in on their behalf. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.1.17 |
| purl |
pkg:composer/moodle/moodle@3.1.17 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 3 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 4 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 5 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 6 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 7 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 8 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 9 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 10 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 11 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 12 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 13 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 14 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.17 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@3.5.5 |
| purl |
pkg:composer/moodle/moodle@3.5.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 2 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 3 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 4 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-bbj9-hpz3-xqhh |
|
| 7 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 8 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 9 |
| vulnerability |
VCID-dpd2-1sqc-qqfy |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 12 |
| vulnerability |
VCID-gnez-ehgq-rfbr |
|
| 13 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 14 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 15 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 16 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 17 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 18 |
| vulnerability |
VCID-mhm4-8kuk-t7b6 |
|
| 19 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 20 |
| vulnerability |
VCID-mqde-66zm-qbbj |
|
| 21 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 22 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 23 |
| vulnerability |
VCID-pgfa-bkaw-q7cq |
|
| 24 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 25 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 26 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 27 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 28 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 29 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.5 |
|
| 3 |
| url |
pkg:composer/moodle/moodle@3.6.3 |
| purl |
pkg:composer/moodle/moodle@3.6.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 3 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 4 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 5 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 6 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 7 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 8 |
| vulnerability |
VCID-n5tc-1k33-dfeq |
|
| 9 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 10 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 11 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 12 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 13 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 14 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 15 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.3 |
|
|
| aliases |
CVE-2019-3847, GHSA-qrcj-6fjw-3h9h
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-s6uu-335k-yfbc |
|
| 38 |
| url |
VCID-vb67-yux5-ayhf |
| vulnerability_id |
VCID-vb67-yux5-ayhf |
| summary |
Weak Password Recovery Mechanism for Forgotten Password
In Moodle, web service tokens are not invalidated when the user password is changed or forced to be changed. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@2.7.16 |
| purl |
pkg:composer/moodle/moodle@2.7.16 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2dxb-v1af-jbax |
|
| 1 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 2 |
| vulnerability |
VCID-5rbf-4dz3-2qdz |
|
| 3 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 4 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-dhku-uah4-ykh8 |
|
| 9 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 13 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 14 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 15 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 16 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 17 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 18 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 19 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 20 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 21 |
| vulnerability |
VCID-v54t-5thx-1beu |
|
| 22 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 23 |
| vulnerability |
VCID-vtq4-fpr8-hudb |
|
| 24 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 25 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 26 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 27 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 28 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 29 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.16 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@2.9.0-beta |
| purl |
pkg:composer/moodle/moodle@2.9.0-beta |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 2 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 3 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 4 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 5 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 6 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 7 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 8 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 9 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 10 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 11 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 12 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 13 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 14 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 15 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 16 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 17 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 18 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 19 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 20 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 21 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 22 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 23 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.0-beta |
|
| 2 |
| url |
pkg:composer/moodle/moodle@2.9.8 |
| purl |
pkg:composer/moodle/moodle@2.9.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 2 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 3 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 4 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 5 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 6 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 7 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 8 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 9 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 10 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 11 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 12 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 13 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 14 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 15 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 16 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 17 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 18 |
| vulnerability |
VCID-v54t-5thx-1beu |
|
| 19 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 20 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 21 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 22 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 23 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 24 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 25 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.8 |
|
| 3 |
| url |
pkg:composer/moodle/moodle@3.0.6 |
| purl |
pkg:composer/moodle/moodle@3.0.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2dxb-v1af-jbax |
|
| 1 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 2 |
| vulnerability |
VCID-5rbf-4dz3-2qdz |
|
| 3 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 4 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 5 |
| vulnerability |
VCID-9nd7-4wve-97hc |
|
| 6 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 7 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 8 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 9 |
| vulnerability |
VCID-dhku-uah4-ykh8 |
|
| 10 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 11 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 12 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 13 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 14 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 15 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 16 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 17 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 18 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 19 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 20 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 21 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 22 |
| vulnerability |
VCID-v54t-5thx-1beu |
|
| 23 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 24 |
| vulnerability |
VCID-vtq4-fpr8-hudb |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 28 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 29 |
| vulnerability |
VCID-zgzm-wj81-jkah |
|
| 30 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 31 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.6 |
|
| 4 |
| url |
pkg:composer/moodle/moodle@3.1.2 |
| purl |
pkg:composer/moodle/moodle@3.1.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2dxb-v1af-jbax |
|
| 1 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 2 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 3 |
| vulnerability |
VCID-4rz2-b4e3-87g5 |
|
| 4 |
| vulnerability |
VCID-5rbf-4dz3-2qdz |
|
| 5 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 6 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 7 |
| vulnerability |
VCID-8mgr-gdzj-4ybs |
|
| 8 |
| vulnerability |
VCID-9nd7-4wve-97hc |
|
| 9 |
| vulnerability |
VCID-9t4u-n1pn-w3bd |
|
| 10 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 11 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 12 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 13 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 14 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 15 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 16 |
| vulnerability |
VCID-dhku-uah4-ykh8 |
|
| 17 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 18 |
| vulnerability |
VCID-e2zc-7ujn-wybu |
|
| 19 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 20 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 21 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 22 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 23 |
| vulnerability |
VCID-jn5n-6hg9-tyf7 |
|
| 24 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 25 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 26 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 27 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 28 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 29 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 30 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 31 |
| vulnerability |
VCID-q2fa-jymp-c3bb |
|
| 32 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 33 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 34 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 35 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 36 |
| vulnerability |
VCID-v54t-5thx-1beu |
|
| 37 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 38 |
| vulnerability |
VCID-vtq4-fpr8-hudb |
|
| 39 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 40 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 41 |
| vulnerability |
VCID-x927-nh46-7fdy |
|
| 42 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 43 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 44 |
| vulnerability |
VCID-yp82-zj5g-pbaf |
|
| 45 |
| vulnerability |
VCID-zgzm-wj81-jkah |
|
| 46 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 47 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.2 |
|
|
| aliases |
CVE-2016-7038, GHSA-2phx-w35g-x9vm
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vb67-yux5-ayhf |
|
| 39 |
| url |
VCID-vfp6-4h8n-bkax |
| vulnerability_id |
VCID-vfp6-4h8n-bkax |
| summary |
Code Injection
Moodle is vulnerable to an XML import of ddwtos could lead to intentional remote code execution. When importing legacy `drag and drop into text` (ddwtos) type quiz questions, it was possible to inject and execute PHP code from within the imported questions, either intentionally or by importing questions from an untrusted source. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.1.0-beta |
| purl |
pkg:composer/moodle/moodle@3.1.0-beta |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 3 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 4 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 5 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 6 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 7 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 8 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 9 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 10 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 11 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 12 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 13 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 14 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 15 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 16 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 17 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 18 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.0-beta |
|
| 1 |
| url |
pkg:composer/moodle/moodle@3.1.14 |
| purl |
pkg:composer/moodle/moodle@3.1.14 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-9t4u-n1pn-w3bd |
|
| 3 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 4 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 5 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 6 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 7 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 8 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 9 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 10 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 11 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 12 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 13 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 14 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 15 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 16 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 17 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 18 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 19 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 20 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.14 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@3.3.8 |
| purl |
pkg:composer/moodle/moodle@3.3.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 3 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 4 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 5 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 6 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 7 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 8 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 9 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 10 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 11 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 12 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 13 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.8 |
|
| 3 |
| url |
pkg:composer/moodle/moodle@3.4.5 |
| purl |
pkg:composer/moodle/moodle@3.4.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 3 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 4 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 5 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 6 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 7 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 8 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 9 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 10 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 11 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 12 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 13 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 14 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 15 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 16 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 17 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 18 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 19 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.5 |
|
| 4 |
| url |
pkg:composer/moodle/moodle@3.5.2 |
| purl |
pkg:composer/moodle/moodle@3.5.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 3 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 4 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 5 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 6 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 7 |
| vulnerability |
VCID-akv3-zfp8-kkc7 |
|
| 8 |
| vulnerability |
VCID-bbj9-hpz3-xqhh |
|
| 9 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 10 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 11 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 12 |
| vulnerability |
VCID-dpd2-1sqc-qqfy |
|
| 13 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 14 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 15 |
| vulnerability |
VCID-gnez-ehgq-rfbr |
|
| 16 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 17 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 18 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 19 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 20 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 21 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 22 |
| vulnerability |
VCID-mhm4-8kuk-t7b6 |
|
| 23 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 24 |
| vulnerability |
VCID-mqde-66zm-qbbj |
|
| 25 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 26 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 27 |
| vulnerability |
VCID-pgfa-bkaw-q7cq |
|
| 28 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 29 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 30 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 31 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 32 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 33 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 34 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 35 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 36 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 37 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.2 |
|
|
| aliases |
CVE-2018-14630, GHSA-c3pr-h96w-2jjg
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vfp6-4h8n-bkax |
|
| 40 |
| url |
VCID-vgxb-fkuj-9fgk |
| vulnerability_id |
VCID-vgxb-fkuj-9fgk |
| summary |
Exposure of Sensitive Information to an Unauthorized Actor
repository/webdav/lib.php in Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 includes the WebDAV password in the configuration form, which allows remote authenticated administrators to obtain sensitive information by configuring an instance. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@2.4.2 |
| purl |
pkg:composer/moodle/moodle@2.4.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-37pj-u3gh-n7fd |
|
| 2 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 6 |
| vulnerability |
VCID-an53-nu91-k3d7 |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eaqp-7abt-6kg9 |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 12 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 13 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 14 |
| vulnerability |
VCID-k6pw-51st-b3d2 |
|
| 15 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 16 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 17 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 18 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 19 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 20 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 21 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-xmm4-zw49-3feh |
|
| 28 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 29 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 30 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 31 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.2 |
|
|
| aliases |
CVE-2013-1832, GHSA-pgp5-rcwp-qvfg
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vgxb-fkuj-9fgk |
|
| 41 |
| url |
VCID-w9ca-exua-g7ar |
| vulnerability_id |
VCID-w9ca-exua-g7ar |
| summary |
Improper Access Control
Teachers in a quiz group could modify group overrides for other groups in the same quiz. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.5.7 |
| purl |
pkg:composer/moodle/moodle@3.5.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 1 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 2 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 3 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-bbj9-hpz3-xqhh |
|
| 6 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 7 |
| vulnerability |
VCID-dpd2-1sqc-qqfy |
|
| 8 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 9 |
| vulnerability |
VCID-gnez-ehgq-rfbr |
|
| 10 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 13 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 14 |
| vulnerability |
VCID-mhm4-8kuk-t7b6 |
|
| 15 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 16 |
| vulnerability |
VCID-mqde-66zm-qbbj |
|
| 17 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 18 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 19 |
| vulnerability |
VCID-pgfa-bkaw-q7cq |
|
| 20 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 21 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 22 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.7 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@3.7.1 |
| purl |
pkg:composer/moodle/moodle@3.7.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 1 |
| vulnerability |
VCID-3uvf-6ztd-xkaf |
|
| 2 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 3 |
| vulnerability |
VCID-494p-pmxw-b7e2 |
|
| 4 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 5 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 6 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 7 |
| vulnerability |
VCID-c14d-1sa2-rkf6 |
|
| 8 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 9 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 10 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 13 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 14 |
| vulnerability |
VCID-n5tc-1k33-dfeq |
|
| 15 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 16 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 17 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 18 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.1 |
|
|
| aliases |
CVE-2019-10188, GHSA-92q5-2h76-vgmj
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-w9ca-exua-g7ar |
|
| 42 |
| url |
VCID-x7rg-rsb5-pya7 |
| vulnerability_id |
VCID-x7rg-rsb5-pya7 |
| summary |
Improper Access Control
Users with permission to delete entries from a glossary were able to delete entries from other glossaries they did not have direct access to. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.5.7 |
| purl |
pkg:composer/moodle/moodle@3.5.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 1 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 2 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 3 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-bbj9-hpz3-xqhh |
|
| 6 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 7 |
| vulnerability |
VCID-dpd2-1sqc-qqfy |
|
| 8 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 9 |
| vulnerability |
VCID-gnez-ehgq-rfbr |
|
| 10 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 13 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 14 |
| vulnerability |
VCID-mhm4-8kuk-t7b6 |
|
| 15 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 16 |
| vulnerability |
VCID-mqde-66zm-qbbj |
|
| 17 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 18 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 19 |
| vulnerability |
VCID-pgfa-bkaw-q7cq |
|
| 20 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 21 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 22 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.7 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@3.7.1 |
| purl |
pkg:composer/moodle/moodle@3.7.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 1 |
| vulnerability |
VCID-3uvf-6ztd-xkaf |
|
| 2 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 3 |
| vulnerability |
VCID-494p-pmxw-b7e2 |
|
| 4 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 5 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 6 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 7 |
| vulnerability |
VCID-c14d-1sa2-rkf6 |
|
| 8 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 9 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 10 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 13 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 14 |
| vulnerability |
VCID-n5tc-1k33-dfeq |
|
| 15 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 16 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 17 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 18 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.1 |
|
|
| aliases |
CVE-2019-10187, GHSA-2mg9-hv69-897x
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-x7rg-rsb5-pya7 |
|
| 43 |
| url |
VCID-xmm4-zw49-3feh |
| vulnerability_id |
VCID-xmm4-zw49-3feh |
| summary |
Information Exposure
The (1) `core_enrol_get_course_enrolment_methods` and (2) `enrol_self_get_instance_info` web services in Moodle do not consider the `moodle/course:viewhiddencourses` capability, which allows remote authenticated users to obtain sensitive information via a web-service request. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@2.7.0-beta |
| purl |
pkg:composer/moodle/moodle@2.7.0-beta |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 2 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 3 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 4 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 5 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 6 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 7 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 8 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 9 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 10 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 11 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 12 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 13 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 14 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 15 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 16 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 17 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 18 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 19 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 20 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 21 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 22 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 23 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 24 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 25 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 26 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.0-beta |
|
| 1 |
| url |
pkg:composer/moodle/moodle@2.7.12 |
| purl |
pkg:composer/moodle/moodle@2.7.12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2dxb-v1af-jbax |
|
| 1 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 2 |
| vulnerability |
VCID-37pj-u3gh-n7fd |
|
| 3 |
| vulnerability |
VCID-4kq5-ctsv-eka8 |
|
| 4 |
| vulnerability |
VCID-5rbf-4dz3-2qdz |
|
| 5 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 6 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 7 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 8 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 9 |
| vulnerability |
VCID-an53-nu91-k3d7 |
|
| 10 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 11 |
| vulnerability |
VCID-dhku-uah4-ykh8 |
|
| 12 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 13 |
| vulnerability |
VCID-eaqp-7abt-6kg9 |
|
| 14 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 15 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 16 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 17 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 18 |
| vulnerability |
VCID-k6pw-51st-b3d2 |
|
| 19 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 20 |
| vulnerability |
VCID-kgvw-uxf4-wbc1 |
|
| 21 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 22 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 23 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 24 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 25 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 26 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 27 |
| vulnerability |
VCID-s3ue-e5h8-f3dy |
|
| 28 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 29 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 30 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 31 |
| vulnerability |
VCID-vtq4-fpr8-hudb |
|
| 32 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 33 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 34 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 35 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 36 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 37 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.12 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@2.8.10 |
| purl |
pkg:composer/moodle/moodle@2.8.10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-37pj-u3gh-n7fd |
|
| 2 |
| vulnerability |
VCID-4kq5-ctsv-eka8 |
|
| 3 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 4 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 7 |
| vulnerability |
VCID-an53-nu91-k3d7 |
|
| 8 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 9 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 10 |
| vulnerability |
VCID-eaqp-7abt-6kg9 |
|
| 11 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 12 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 13 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 14 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 15 |
| vulnerability |
VCID-k6pw-51st-b3d2 |
|
| 16 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 17 |
| vulnerability |
VCID-kgvw-uxf4-wbc1 |
|
| 18 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 19 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 20 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 21 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 22 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 23 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 24 |
| vulnerability |
VCID-s3ue-e5h8-f3dy |
|
| 25 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 26 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 27 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 28 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 29 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 30 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 31 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 32 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 33 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.10 |
|
| 3 |
| url |
pkg:composer/moodle/moodle@2.9.4 |
| purl |
pkg:composer/moodle/moodle@2.9.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-37pj-u3gh-n7fd |
|
| 2 |
| vulnerability |
VCID-4kq5-ctsv-eka8 |
|
| 3 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 4 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 7 |
| vulnerability |
VCID-an53-nu91-k3d7 |
|
| 8 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 9 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 10 |
| vulnerability |
VCID-eaqp-7abt-6kg9 |
|
| 11 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 12 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 13 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 14 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 15 |
| vulnerability |
VCID-k6pw-51st-b3d2 |
|
| 16 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 17 |
| vulnerability |
VCID-kgvw-uxf4-wbc1 |
|
| 18 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 19 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 20 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 21 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 22 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 23 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 24 |
| vulnerability |
VCID-s3ue-e5h8-f3dy |
|
| 25 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 26 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 27 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 28 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 29 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 30 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 31 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 32 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 33 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.4 |
|
| 4 |
| url |
pkg:composer/moodle/moodle@3.0.2 |
| purl |
pkg:composer/moodle/moodle@3.0.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2dxb-v1af-jbax |
|
| 1 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 2 |
| vulnerability |
VCID-37pj-u3gh-n7fd |
|
| 3 |
| vulnerability |
VCID-4kq5-ctsv-eka8 |
|
| 4 |
| vulnerability |
VCID-5rbf-4dz3-2qdz |
|
| 5 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 6 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 7 |
| vulnerability |
VCID-9nd7-4wve-97hc |
|
| 8 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 9 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 10 |
| vulnerability |
VCID-an53-nu91-k3d7 |
|
| 11 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 12 |
| vulnerability |
VCID-dhku-uah4-ykh8 |
|
| 13 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 14 |
| vulnerability |
VCID-eaqp-7abt-6kg9 |
|
| 15 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 16 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 17 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 18 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 19 |
| vulnerability |
VCID-k6pw-51st-b3d2 |
|
| 20 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 21 |
| vulnerability |
VCID-kgvw-uxf4-wbc1 |
|
| 22 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 23 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 24 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 25 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 26 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 27 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 28 |
| vulnerability |
VCID-s3ue-e5h8-f3dy |
|
| 29 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 30 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 31 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 32 |
| vulnerability |
VCID-vtq4-fpr8-hudb |
|
| 33 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 34 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 35 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 36 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 37 |
| vulnerability |
VCID-zgzm-wj81-jkah |
|
| 38 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 39 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.0.2 |
|
|
| aliases |
CVE-2016-0724, GHSA-hjrj-7wcj-7j3c
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xmm4-zw49-3feh |
|
| 44 |
| url |
VCID-y15n-cf9z-dyc4 |
| vulnerability_id |
VCID-y15n-cf9z-dyc4 |
| summary |
Exposure of Sensitive Information to an Unauthorized Actor
lib/setuplib.php in Moodle through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the absolute path in an exception message. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@2.4.2 |
| purl |
pkg:composer/moodle/moodle@2.4.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-37pj-u3gh-n7fd |
|
| 2 |
| vulnerability |
VCID-65y9-9ur2-pugc |
|
| 3 |
| vulnerability |
VCID-83kb-4mk9-t7ge |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-ajkr-fxa1-mkhk |
|
| 6 |
| vulnerability |
VCID-an53-nu91-k3d7 |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-duna-st9c-mqbk |
|
| 9 |
| vulnerability |
VCID-eaqp-7abt-6kg9 |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fsex-f512-pudv |
|
| 12 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 13 |
| vulnerability |
VCID-k1bh-ymgt-e7cd |
|
| 14 |
| vulnerability |
VCID-k6pw-51st-b3d2 |
|
| 15 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 16 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 17 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 18 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 19 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 20 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 21 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 22 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 23 |
| vulnerability |
VCID-vb67-yux5-ayhf |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-xmm4-zw49-3feh |
|
| 28 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 29 |
| vulnerability |
VCID-yghg-775s-vber |
|
| 30 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 31 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.2 |
|
|
| aliases |
CVE-2013-1831, GHSA-xr24-jp5c-6c4v
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-y15n-cf9z-dyc4 |
|
| 45 |
| url |
VCID-y8up-cqtu-jkdw |
| vulnerability_id |
VCID-y8up-cqtu-jkdw |
| summary |
Cross-site Scripting
Persistent XSS in `/course/modedit.php` of Moodle allows authenticated users (Teacher) to inject JavaScript into the session of another user (e.g., enrolled student or site administrator) via the `introeditor[text]` parameter. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.7.3 |
| purl |
pkg:composer/moodle/moodle@3.7.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 1 |
| vulnerability |
VCID-3uvf-6ztd-xkaf |
|
| 2 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 3 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 4 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 5 |
| vulnerability |
VCID-c14d-1sa2-rkf6 |
|
| 6 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 7 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 8 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 9 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 10 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 11 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 12 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 13 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.3 |
|
|
| aliases |
CVE-2019-18210, GHSA-q6vw-27c6-jv9c
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-y8up-cqtu-jkdw |
|
| 46 |
| url |
VCID-yghg-775s-vber |
| vulnerability_id |
VCID-yghg-775s-vber |
| summary |
Server-Side Request Forgery (SSRF)
Moodle has Server Side Request Forgery in the `filepicker`. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@3.1.10 |
| purl |
pkg:composer/moodle/moodle@3.1.10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-4rz2-b4e3-87g5 |
|
| 3 |
| vulnerability |
VCID-8mgr-gdzj-4ybs |
|
| 4 |
| vulnerability |
VCID-9t4u-n1pn-w3bd |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 7 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 8 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 9 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 12 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 13 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 14 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 15 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 16 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 17 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 18 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 19 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 20 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 21 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 22 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 23 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 24 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 25 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 26 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 27 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 28 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 29 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.10 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@3.2.7 |
| purl |
pkg:composer/moodle/moodle@3.2.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 3 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 4 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 5 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 6 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 7 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 8 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 9 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 10 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 11 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 12 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 13 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 14 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 15 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 16 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 17 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 18 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.2.7 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@3.3.4 |
| purl |
pkg:composer/moodle/moodle@3.3.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-4rz2-b4e3-87g5 |
|
| 2 |
| vulnerability |
VCID-8mgr-gdzj-4ybs |
|
| 3 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 4 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 5 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 6 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 7 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 8 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 9 |
| vulnerability |
VCID-fygy-9njn-abgd |
|
| 10 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 11 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 12 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 13 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 14 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 15 |
| vulnerability |
VCID-mmg3-7fz9-5uak |
|
| 16 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 17 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 18 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 19 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 20 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 21 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 22 |
| vulnerability |
VCID-x9vd-njdz-jua9 |
|
| 23 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 24 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 25 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.3.4 |
|
| 3 |
| url |
pkg:composer/moodle/moodle@3.4.1 |
| purl |
pkg:composer/moodle/moodle@3.4.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-336n-hpzg-euhd |
|
| 2 |
| vulnerability |
VCID-4rz2-b4e3-87g5 |
|
| 3 |
| vulnerability |
VCID-8mgr-gdzj-4ybs |
|
| 4 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 5 |
| vulnerability |
VCID-b7br-bh2d-rygp |
|
| 6 |
| vulnerability |
VCID-bjnq-q2nd-1khp |
|
| 7 |
| vulnerability |
VCID-ckg1-9vpt-yfdk |
|
| 8 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 9 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 10 |
| vulnerability |
VCID-fegs-ubsk-63hu |
|
| 11 |
| vulnerability |
VCID-fygy-9njn-abgd |
|
| 12 |
| vulnerability |
VCID-g8ct-c4ce-zuaf |
|
| 13 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 14 |
| vulnerability |
VCID-k73h-z6j8-gkgz |
|
| 15 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 16 |
| vulnerability |
VCID-m4zv-e3dn-budf |
|
| 17 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 18 |
| vulnerability |
VCID-mmg3-7fz9-5uak |
|
| 19 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 20 |
| vulnerability |
VCID-p2gd-7uam-mqf8 |
|
| 21 |
| vulnerability |
VCID-qhv1-wgpm-7fh6 |
|
| 22 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 23 |
| vulnerability |
VCID-r6kn-b963-eqge |
|
| 24 |
| vulnerability |
VCID-s6uu-335k-yfbc |
|
| 25 |
| vulnerability |
VCID-vfp6-4h8n-bkax |
|
| 26 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 27 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 28 |
| vulnerability |
VCID-x9vd-njdz-jua9 |
|
| 29 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 30 |
| vulnerability |
VCID-zjrq-np3y-hua5 |
|
| 31 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.1 |
|
|
| aliases |
CVE-2018-1042, GHSA-qqjv-mc2v-p7mc
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yghg-775s-vber |
|
| 47 |
| url |
VCID-zjrq-np3y-hua5 |
| vulnerability_id |
VCID-zjrq-np3y-hua5 |
| summary |
Information Exposure
Permissions were not correctly checked before loading event information into the calendar's edit event modal popup, so logged in non-guest users could view unauthorised calendar events. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@3.5.5 |
| purl |
pkg:composer/moodle/moodle@3.5.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-3cb4-wz6x-ckcd |
|
| 2 |
| vulnerability |
VCID-42fa-qbft-rfff |
|
| 3 |
| vulnerability |
VCID-56wj-4124-ryd2 |
|
| 4 |
| vulnerability |
VCID-6m19-4krm-2udd |
|
| 5 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 6 |
| vulnerability |
VCID-bbj9-hpz3-xqhh |
|
| 7 |
| vulnerability |
VCID-c1a1-z5m1-nfbc |
|
| 8 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 9 |
| vulnerability |
VCID-dpd2-1sqc-qqfy |
|
| 10 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 11 |
| vulnerability |
VCID-fskk-cb95-uqer |
|
| 12 |
| vulnerability |
VCID-gnez-ehgq-rfbr |
|
| 13 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 14 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 15 |
| vulnerability |
VCID-jcsq-3q5z-4kc6 |
|
| 16 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 17 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 18 |
| vulnerability |
VCID-mhm4-8kuk-t7b6 |
|
| 19 |
| vulnerability |
VCID-mkfz-e1ft-2bcw |
|
| 20 |
| vulnerability |
VCID-mqde-66zm-qbbj |
|
| 21 |
| vulnerability |
VCID-nntc-dsz1-e3fp |
|
| 22 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 23 |
| vulnerability |
VCID-pgfa-bkaw-q7cq |
|
| 24 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 25 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 26 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 27 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 28 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 29 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.5 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@3.6.3 |
| purl |
pkg:composer/moodle/moodle@3.6.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2s6b-tp6p-gue1 |
|
| 1 |
| vulnerability |
VCID-a6pb-47tu-afcg |
|
| 2 |
| vulnerability |
VCID-deur-8zdf-2kh2 |
|
| 3 |
| vulnerability |
VCID-eu27-a3px-87ed |
|
| 4 |
| vulnerability |
VCID-hhzz-hbqz-akfw |
|
| 5 |
| vulnerability |
VCID-jcq6-btgz-fkf6 |
|
| 6 |
| vulnerability |
VCID-kgva-z9gg-u3dw |
|
| 7 |
| vulnerability |
VCID-m3np-aebb-8qaa |
|
| 8 |
| vulnerability |
VCID-n5tc-1k33-dfeq |
|
| 9 |
| vulnerability |
VCID-paj4-nq1r-jbd3 |
|
| 10 |
| vulnerability |
VCID-qxsq-ku22-r7gx |
|
| 11 |
| vulnerability |
VCID-w2b2-fuky-j3ff |
|
| 12 |
| vulnerability |
VCID-w9ca-exua-g7ar |
|
| 13 |
| vulnerability |
VCID-x7rg-rsb5-pya7 |
|
| 14 |
| vulnerability |
VCID-y8up-cqtu-jkdw |
|
| 15 |
| vulnerability |
VCID-zwkk-zazw-6fgg |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.3 |
|
|
| aliases |
CVE-2019-3848, GHSA-45rw-4r25-jvg7
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zjrq-np3y-hua5 |
|
| 48 |
| url |
VCID-zwkk-zazw-6fgg |
| vulnerability_id |
VCID-zwkk-zazw-6fgg |
| summary |
Improper Validation of Integrity Check Value
It was found in Moodle that a insufficient capability checks in some grade related web services meant students were able to view other students grades. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2021-20184, GHSA-mm73-86f9-5x5c
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zwkk-zazw-6fgg |
|