VulnerableCode Vulnerability Details - VCID-3eq5-fe6b-zbbd

Search for vulnerabilities

Vulnerability details: VCID-3eq5-fe6b-zbbd

Essentials
Severities (14)
References (16)
Severity details (12)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-3eq5-fe6b-zbbd
Aliases	CVE-2010-1616 GHSA-966m-m549-2878
Summary	Moodle is vulnerable to unauthorized new accounts creation Moodle 1.8.x and 1.9.x before 1.9.8 can create new roles when restoring a course, which allows teachers to create new accounts even if they do not have the moodle/user:create capability.
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-284	Improper Access Control
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
generic_textual	MODERATE	http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html
generic_textual	MODERATE	http://moodle.org/security
epss	0.00277	https://api.first.org/data/v1/epss?cve=CVE-2010-1616
epss	0.00277	https://api.first.org/data/v1/epss?cve=CVE-2010-1616
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-966m-m549-2878
generic_textual	MODERATE	https://github.com/moodle/moodle
generic_textual	MODERATE	https://github.com/moodle/moodle/commit/55f5b2e8b84e6390c0917195d01a3b34c33ff398
generic_textual	MODERATE	https://github.com/moodle/moodle/commit/5d9ab024ac9c311c84716628cce9a124173a2e8b
generic_textual	MODERATE	https://github.com/moodle/moodle/commit/5e934890c9fbe28bf89362d3eb6140208b5e3464
generic_textual	MODERATE	https://github.com/moodle/moodle/commit/b0ccfc5ce87f09d4df814b057f5e6820d37fdad1
generic_textual	MODERATE	https://github.com/moodle/moodle/commit/d8ada21339ecc147eccaaae97678f5368ac05f8b
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2010-1616
generic_textual	MODERATE	http://tracker.moodle.org/browse/MDL-16658
generic_textual	MODERATE	http://www.vupen.com/english/advisories/2010/1107

Reference id	Reference type	URL
		http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html
		http://moodle.org/security
		http://moodle.org/security/
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1616.json
		https://api.first.org/data/v1/epss?cve=CVE-2010-1616
		https://github.com/moodle/moodle
		https://github.com/moodle/moodle/commit/55f5b2e8b84e6390c0917195d01a3b34c33ff398
		https://github.com/moodle/moodle/commit/5d9ab024ac9c311c84716628cce9a124173a2e8b
		https://github.com/moodle/moodle/commit/5e934890c9fbe28bf89362d3eb6140208b5e3464
		https://github.com/moodle/moodle/commit/b0ccfc5ce87f09d4df814b057f5e6820d37fdad1
		https://github.com/moodle/moodle/commit/d8ada21339ecc147eccaaae97678f5368ac05f8b
		https://nvd.nist.gov/vuln/detail/CVE-2010-1616
		http://tracker.moodle.org/browse/MDL-16658
		http://www.vupen.com/english/advisories/2010/1107
578811		https://bugzilla.redhat.com/show_bug.cgi?id=578811
GHSA-966m-m549-2878		https://github.com/advisories/GHSA-966m-m549-2878

No exploits are available.

Exploit Prediction Scoring System (EPSS)

Percentile	0.50778
EPSS Score	0.00277
Published At	June 30, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-01T12:29:25.548546+00:00	GithubOSV Importer	Import	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-966m-m549-2878/GHSA-966m-m549-2878.json	36.1.3