NVD - Results

Sort results by:

Search Results (Refine Search)

Search Parameters:

Keyword (text search): cpe:2.3:a:moodle:moodle:3.11.0:rc2:*:*:*:*:*:*
CPE Name Search: true

There are 65 matching records.

Displaying matches 61 through 65.

Vuln ID	Summary	CVSS Severity
CVE-2021-43558	A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. A URL parameter in the filetype site administrator tool required extra sanitizing to prevent a reflected XSS risk. Published: November 22, 2021; 11:15:08 AM -0500	V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM
CVE-2021-3943	A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. A remote code execution risk when restoring backup files was identified. Published: November 22, 2021; 11:15:07 AM -0500	V4.0:(not available) V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH
CVE-2010-4208	Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.5.0 through 2.8.1, as used in Bugzilla, Moodle, and other products, allows remote attackers to inject arbitrary web script or HTML via vectors related to uploader/assets/uploader.swf. Published: November 07, 2010; 5:00:03 PM -0500	V4.0:(not available) V3.x:(not available) V2.0: 4.3 MEDIUM
CVE-2010-4207	Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.4.0 through 2.8.1, as used in Bugzilla, Moodle, and other products, allows remote attackers to inject arbitrary web script or HTML via vectors related to charts/assets/charts.swf. Published: November 07, 2010; 5:00:03 PM -0500	V4.0:(not available) V3.x:(not available) V2.0: 4.3 MEDIUM
CVE-2007-6538	SQL injection vulnerability in ing/blocks/mrbs/code/web/view_entry.php in the MRBS plugin for Moodle allows remote attackers to execute arbitrary SQL commands via the id parameter. Published: December 27, 2007; 6:46:00 PM -0500	V4.0:(not available) V3.x:(not available) V2.0: 7.5 HIGH