Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-cvqm-kjhx-q7ej
Summary
Cross-Site Request Forgery (CSRF)
Cross-site request forgery (CSRF) vulnerability in enrol/imsenterprise/importnow.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote attackers to hijack the authentication of administrators for requests that import an IMS Enterprise file.
Aliases
0
alias CVE-2014-0126
1
alias GHSA-4wvg-7886-83gv
Fixed_packages
0
url pkg:composer/moodle/moodle@2.4.9
purl pkg:composer/moodle/moodle@2.4.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.9
1
url pkg:composer/moodle/moodle@2.5.5
purl pkg:composer/moodle/moodle@2.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.5
2
url pkg:composer/moodle/moodle@2.6.2
purl pkg:composer/moodle/moodle@2.6.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.2
Affected_packages
0
url pkg:composer/moodle/moodle@2.5.0
purl pkg:composer/moodle/moodle@2.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ehh-qz6c-ykhp
1
vulnerability VCID-1whm-dsv7-t7gm
2
vulnerability VCID-2s6b-tp6p-gue1
3
vulnerability VCID-37pj-u3gh-n7fd
4
vulnerability VCID-4v57-bu85-syhr
5
vulnerability VCID-4xqt-yugc-qufr
6
vulnerability VCID-5ru2-1n1f-afa4
7
vulnerability VCID-65y9-9ur2-pugc
8
vulnerability VCID-6v43-drd7-ufd7
9
vulnerability VCID-7g7m-bu5q-gbcx
10
vulnerability VCID-83kb-4mk9-t7ge
11
vulnerability VCID-88pw-zwqn-cqfd
12
vulnerability VCID-a6pb-47tu-afcg
13
vulnerability VCID-ajkr-fxa1-mkhk
14
vulnerability VCID-an53-nu91-k3d7
15
vulnerability VCID-bjnq-q2nd-1khp
16
vulnerability VCID-cvqm-kjhx-q7ej
17
vulnerability VCID-czph-uxwr-5uge
18
vulnerability VCID-duna-st9c-mqbk
19
vulnerability VCID-ea5s-xphb-6ub7
20
vulnerability VCID-eaqp-7abt-6kg9
21
vulnerability VCID-eu27-a3px-87ed
22
vulnerability VCID-fsex-f512-pudv
23
vulnerability VCID-gdz8-d8j3-nqdh
24
vulnerability VCID-h8xn-n98n-qqdv
25
vulnerability VCID-j3t3-svwb-p7bn
26
vulnerability VCID-jcq6-btgz-fkf6
27
vulnerability VCID-k1bh-ymgt-e7cd
28
vulnerability VCID-k6pw-51st-b3d2
29
vulnerability VCID-k73h-z6j8-gkgz
30
vulnerability VCID-m3np-aebb-8qaa
31
vulnerability VCID-m4zv-e3dn-budf
32
vulnerability VCID-mkfz-e1ft-2bcw
33
vulnerability VCID-nntc-dsz1-e3fp
34
vulnerability VCID-q3wv-9hj6-vbgt
35
vulnerability VCID-qhv1-wgpm-7fh6
36
vulnerability VCID-qpu2-8paz-7ydv
37
vulnerability VCID-qxyw-7hnt-hqd6
38
vulnerability VCID-r6kn-b963-eqge
39
vulnerability VCID-r88h-mteg-yka9
40
vulnerability VCID-rdfn-52p2-afa7
41
vulnerability VCID-s5cy-eva4-wbaf
42
vulnerability VCID-s6uu-335k-yfbc
43
vulnerability VCID-ucg8-htfc-2bhn
44
vulnerability VCID-vb67-yux5-ayhf
45
vulnerability VCID-vfp6-4h8n-bkax
46
vulnerability VCID-vrfy-36yc-muhr
47
vulnerability VCID-vs2j-b4qg-nbgu
48
vulnerability VCID-vwyj-z4gf-8fg5
49
vulnerability VCID-w9ca-exua-g7ar
50
vulnerability VCID-x7rg-rsb5-pya7
51
vulnerability VCID-xmm4-zw49-3feh
52
vulnerability VCID-y8up-cqtu-jkdw
53
vulnerability VCID-yghg-775s-vber
54
vulnerability VCID-zjrq-np3y-hua5
55
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.0
1
url pkg:composer/moodle/moodle@2.6.0
purl pkg:composer/moodle/moodle@2.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ehh-qz6c-ykhp
1
vulnerability VCID-1rar-m2g3-27ag
2
vulnerability VCID-1whm-dsv7-t7gm
3
vulnerability VCID-29yj-e9bd-queq
4
vulnerability VCID-2s6b-tp6p-gue1
5
vulnerability VCID-37pj-u3gh-n7fd
6
vulnerability VCID-3xwm-hqap-8bct
7
vulnerability VCID-4v57-bu85-syhr
8
vulnerability VCID-4xqt-yugc-qufr
9
vulnerability VCID-5c29-qn3p-3yde
10
vulnerability VCID-5ru2-1n1f-afa4
11
vulnerability VCID-65y9-9ur2-pugc
12
vulnerability VCID-6v43-drd7-ufd7
13
vulnerability VCID-7g7m-bu5q-gbcx
14
vulnerability VCID-7x8g-tdd5-kqbs
15
vulnerability VCID-83kb-4mk9-t7ge
16
vulnerability VCID-88pw-zwqn-cqfd
17
vulnerability VCID-8q4n-d565-kfbn
18
vulnerability VCID-a6pb-47tu-afcg
19
vulnerability VCID-ajkr-fxa1-mkhk
20
vulnerability VCID-an53-nu91-k3d7
21
vulnerability VCID-bfmx-cwap-8yhp
22
vulnerability VCID-bjnq-q2nd-1khp
23
vulnerability VCID-cvqm-kjhx-q7ej
24
vulnerability VCID-czph-uxwr-5uge
25
vulnerability VCID-duna-st9c-mqbk
26
vulnerability VCID-ea5s-xphb-6ub7
27
vulnerability VCID-eaqp-7abt-6kg9
28
vulnerability VCID-eu27-a3px-87ed
29
vulnerability VCID-fs9k-21es-rygd
30
vulnerability VCID-fsex-f512-pudv
31
vulnerability VCID-fumj-9pun-zfc5
32
vulnerability VCID-gdz8-d8j3-nqdh
33
vulnerability VCID-h8xn-n98n-qqdv
34
vulnerability VCID-hbky-xx53-vkct
35
vulnerability VCID-hck4-emsr-q7dc
36
vulnerability VCID-j3t3-svwb-p7bn
37
vulnerability VCID-jcq6-btgz-fkf6
38
vulnerability VCID-k1bh-ymgt-e7cd
39
vulnerability VCID-k6pw-51st-b3d2
40
vulnerability VCID-k73h-z6j8-gkgz
41
vulnerability VCID-krn6-pwk5-ake2
42
vulnerability VCID-kzwd-2e6n-fkbm
43
vulnerability VCID-m3np-aebb-8qaa
44
vulnerability VCID-m4zv-e3dn-budf
45
vulnerability VCID-mkfz-e1ft-2bcw
46
vulnerability VCID-nntc-dsz1-e3fp
47
vulnerability VCID-q3wv-9hj6-vbgt
48
vulnerability VCID-qhv1-wgpm-7fh6
49
vulnerability VCID-qpu2-8paz-7ydv
50
vulnerability VCID-qxyw-7hnt-hqd6
51
vulnerability VCID-r6kn-b963-eqge
52
vulnerability VCID-r88h-mteg-yka9
53
vulnerability VCID-rdfn-52p2-afa7
54
vulnerability VCID-s5cy-eva4-wbaf
55
vulnerability VCID-s6uu-335k-yfbc
56
vulnerability VCID-ucg8-htfc-2bhn
57
vulnerability VCID-uptz-tj66-7yfk
58
vulnerability VCID-uvgt-7m5a-xkdc
59
vulnerability VCID-v4qm-48kk-pfaz
60
vulnerability VCID-v7zm-cw8w-6yf8
61
vulnerability VCID-vb67-yux5-ayhf
62
vulnerability VCID-vda3-4fgr-gfbw
63
vulnerability VCID-vfp6-4h8n-bkax
64
vulnerability VCID-vrfy-36yc-muhr
65
vulnerability VCID-vs2j-b4qg-nbgu
66
vulnerability VCID-vwyj-z4gf-8fg5
67
vulnerability VCID-w9ca-exua-g7ar
68
vulnerability VCID-x7rg-rsb5-pya7
69
vulnerability VCID-xmm4-zw49-3feh
70
vulnerability VCID-xnmk-jah2-ufce
71
vulnerability VCID-y8up-cqtu-jkdw
72
vulnerability VCID-yghg-775s-vber
73
vulnerability VCID-zjrq-np3y-hua5
74
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.0
References
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43146
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43146
1
reference_url http://openwall.com/lists/oss-security/2014/03/17/1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/03/17/1
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0126
reference_id
reference_type
scores
0
value 0.00126
scoring_system epss
scoring_elements 0.31397
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0126
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/41a19bffeef0ee6b0560a5ff808fd4bd35075fa1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/41a19bffeef0ee6b0560a5ff808fd4bd35075fa1
5
reference_url https://github.com/moodle/moodle/commit/caf766507771e07c1752ece1f37a32b2b4f6d8b9
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/caf766507771e07c1752ece1f37a32b2b4f6d8b9
6
reference_url https://github.com/moodle/moodle/commit/ea8647b39ec9cf1d73e04b05559bd12d97aa5229
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/ea8647b39ec9cf1d73e04b05559bd12d97aa5229
7
reference_url https://github.com/moodle/moodle/commit/eee61675f042a9ec89f8f6d219b4ded010198fe4
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/eee61675f042a9ec89f8f6d219b4ded010198fe4
8
reference_url https://moodle.org/mod/forum/discuss.php?d=256423
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=256423
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0126
reference_id CVE-2014-0126
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0126
10
reference_url https://github.com/advisories/GHSA-4wvg-7886-83gv
reference_id GHSA-4wvg-7886-83gv
reference_type
scores
url https://github.com/advisories/GHSA-4wvg-7886-83gv
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 352
name Cross-Site Request Forgery (CSRF)
description The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_score4.0 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-cvqm-kjhx-q7ej