Shodan
Vulnerabilities
Vulnerable Software
Moodle:  >> Moodle  Security Vulnerabilities
CVE-2011-4289
Moodle 2.0.x before 2.0.3 does not recognize the configuration setting that makes e-mail addresses visible only to course members, which allows remote authenticated users to obtain sensitive address information by reading a full profile page.
CVSS Score
4.0
EPSS Score
0.017
Published
2012-07-16
CVE-2011-4290
Multiple cross-site scripting (XSS) vulnerabilities in lib/weblib.php in Moodle 1.9.x before 1.9.12 allow remote attackers to inject arbitrary web script or HTML via vectors related to URL encoding.
CVSS Score
4.3
EPSS Score
0.012
Published
2012-07-16
CVE-2011-4291
Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a denial of service (invalid database records) via a series of crafted ratings operations.
CVSS Score
4.0
EPSS Score
0.019
Published
2012-07-16
CVE-2011-4292
Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a denial of service (invalid database records) via a series of crafted comments operations.
CVSS Score
4.0
EPSS Score
0.02
Published
2012-07-16
CVE-2011-4304
The chat functionality in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allows remote authenticated users to discover the name of any user via a beep operation.
CVSS Score
4.0
EPSS Score
0.017
Published
2012-07-11
CVE-2011-4305
message/refresh.php in Moodle 1.9.x before 1.9.14 allows remote authenticated users to cause a denial of service (infinite request loop) via a URL that specifies a zero wait time for message refreshing.
CVSS Score
4.0
EPSS Score
0.019
Published
2012-07-11
CVE-2011-4306
Cross-site scripting (XSS) vulnerability in course/editsection.html in Moodle 1.9.x before 1.9.14 allows remote authenticated users to inject arbitrary web script or HTML via crafted data.
CVSS Score
4.3
EPSS Score
0.018
Published
2012-07-11
CVE-2011-4307
Cross-site scripting (XSS) vulnerability in mod/wiki/lang/en/wiki.php in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allows remote attackers to inject arbitrary web script or HTML via the section parameter.
CVSS Score
4.3
EPSS Score
0.012
Published
2012-07-11
CVE-2011-4308
mod/forum/user.php in Moodle 1.9.x before 1.9.14, 2.0.x before 2.0.5, and 2.1.x before 2.1.2 allows remote authenticated users to discover the names of other users via unspecified vectors.
CVSS Score
4.0
EPSS Score
0.017
Published
2012-07-11
CVE-2011-4309
Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allows remote attackers to bypass intended access restrictions and perform global searches by leveraging the guest role and making a direct request to a URL.
CVSS Score
5.0
EPSS Score
0.014
Published
2012-07-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved