Package impact

Packagist / moodle/moodle

critical high medium low unknown

0

KEV Has exploit

CVE	Severity	CVSS	Risk	Flags	OS	Vendor	Published	Description
CVE-2019-3849	unknown	—	—				4y ago	Moodle Users could elevate their role when accessing the LTI tool on a provider site
CVE-2019-3808	unknown	—	—				4y ago	Moodle XSS Vulnerability
CVE-2018-10891	unknown	—	—				4y ago	Moodle XSS Vulnerability
CVE-2019-3848	unknown	—	—				4y ago	Moodle Logged in users could view all calendar events
CVE-2019-3847	unknown	—	—				4y ago	Moodle XSS Vulnerability
CVE-2019-3810	unknown	—	—				4y ago	Moodle XSS Vulnerability
CVE-2008-1502	unknown	—	—				4y ago	The _bad_protocol_once function in phpgwapi/inc/class.kses.inc.php in KSES, as used in eGroupWare before 1.4.003, Moodle before 1.8.5, and other products, allows remote attackers to bypass HTML filte…
CVE-2006-4936	unknown	—	—				4y ago	Moodle does not properly validate module instance id
CVE-2022-0985	unknown	—	—				4y ago	Improper Authentication in moodle
CVE-2022-0984	unknown	—	—				4y ago	Missing authorization in Moodle
CVE-2012-1159	unknown	—	—				4y ago	Moodle included private user files in course backups
CVE-2012-1157	unknown	—	—				4y ago	Moodle default permissions too permissive
CVE-2012-1156	unknown	—	—				4y ago	Moodle backs up private files
CVE-2022-0983	unknown	—	—				4y ago	SQL Injection in Moodle
CVE-2021-32475	unknown	—	—				4y ago	Moodle stored Cross-site Scripting
CVE-2021-32476	unknown	—	—				4y ago	Moodle denial-of-service risk in the draft files area
CVE-2021-32474	unknown	—	—				4y ago	Moodle Blind SQL injection possible via MNet authentication
CVE-2021-32477	unknown	—	—				4y ago	Moodle Exposure of Sensitive Information to an Unauthorized Actor
CVE-2021-32473	unknown	—	—				4y ago	Moodle Information Disclosure vulnerability
CVE-2021-32478	unknown	—	—				4y ago	Moodle reflected XSS
CVE-2021-32472	unknown	—	—				4y ago	Moodle Exposure of Sensitive Information to an Unauthorized Actor
CVE-2022-0332	unknown	—	—				4y ago	SQL injection in Moodle
CVE-2022-0333	unknown	—	—				4y ago	Insufficient user authorization in Moodle
CVE-2022-0334	unknown	—	—				4y ago	Insufficient user authorization in Moodle
CVE-2022-0335	unknown	—	—				4y ago	Cross Site Request Forgery in Moodle
CVE-2020-1692	unknown	—	—				4y ago	Cross-Site Request Forgery in Moodle
CVE-2021-43558	unknown	—	—				5y ago	Cross-site Scripting in moodle
CVE-2021-3943	unknown	—	—				5y ago	Moodle vulnerable to RCE via unsafe deserialization
CVE-2020-25703	unknown	—	—				5y ago	Exposure of Sensitive Information to an Unauthorized Actor in Moodle
CVE-2021-20281	unknown	—	—				5y ago	Moodle allowed some users without permission to view other users' full names
CVE-2020-25628	unknown	—	—				5y ago	Cross site-scripting (XSS) moodle
CVE-2020-25702	unknown	—	—				5y ago	Cross-site Scripting (XSS) in moodle
CVE-2020-25699	unknown	—	—				5y ago	Privilage Escalation in moodle
CVE-2020-25701	unknown	—	—				5y ago	Privilage Escalation in moodle
CVE-2020-25698	unknown	—	—				5y ago	Improper Access Control in moodle
CVE-2020-25700	unknown	—	—				5y ago	SQL Injection in moodle
CVE-2021-20280	unknown	—	—				5y ago	Cross-site scripting (XSS) and Server side request forgery (SSRF) in moodle