NVD - Results

Sort results by:

Search Results (Refine Search)

Search Parameters:

Results Type: Overview
Keyword (text search): cpe:2.3:a:moodle:moodle:3.4.3:*:*:*:*:*:*:*
CPE Name Search: true

There are 65 matching records.

Displaying matches 61 through 65.

Vuln ID	Summary	CVSS Severity
CVE-2018-10890	A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7, 3.1.13. It was possible for the core_course_get_categories web service to return hidden categories, which should be omitted when fetching course categories. Published: July 10, 2018; 2:29:00 PM -0400	V4.0:(not available) V3.0: 5.3 MEDIUM V2.0: 5.0 MEDIUM
CVE-2018-10889	A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7. No option existed to omit logs from data privacy exports, which may contain details of other users who interacted with the requester. Published: July 10, 2018; 2:29:00 PM -0400	V4.0:(not available) V3.0: 5.3 MEDIUM V2.0: 5.0 MEDIUM
CVE-2010-4208	Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.5.0 through 2.8.1, as used in Bugzilla, Moodle, and other products, allows remote attackers to inject arbitrary web script or HTML via vectors related to uploader/assets/uploader.swf. Published: November 07, 2010; 5:00:03 PM -0500	V4.0:(not available) V3.x:(not available) V2.0: 4.3 MEDIUM
CVE-2010-4207	Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.4.0 through 2.8.1, as used in Bugzilla, Moodle, and other products, allows remote attackers to inject arbitrary web script or HTML via vectors related to charts/assets/charts.swf. Published: November 07, 2010; 5:00:03 PM -0500	V4.0:(not available) V3.x:(not available) V2.0: 4.3 MEDIUM
CVE-2007-6538	SQL injection vulnerability in ing/blocks/mrbs/code/web/view_entry.php in the MRBS plugin for Moodle allows remote attackers to execute arbitrary SQL commands via the id parameter. Published: December 27, 2007; 6:46:00 PM -0500	V4.0:(not available) V3.x:(not available) V2.0: 7.5 HIGH