Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Prompt Leakage Llm Sensitive Information Disclosure Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-5539) CVE-2023-5539 CWE-94 CWE-94 High Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-5540) CVE-2023-5540 CWE-94 CWE-94 High Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-28333) CVE-2023-28333 CWE-94 CWE-94 Critical Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-28593) CVE-2024-28593 CWE-94 CWE-94 Medium Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-43425) CVE-2024-43425 CWE-94 CWE-94 High Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-3641) CVE-2025-3641 CWE-94 CWE-94 High Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-3642) CVE-2025-3642 CWE-94 CWE-94 High Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-67847) CVE-2025-67847 CWE-94 CWE-94 High Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2026-26045) CVE-2026-26045 CWE-94 CWE-94 High Moodle Improper Control of Generation of Code (Code Injection) (CVE-2019-14827) CVE-2019-14827 Medium Moodle Improper Encoding or Escaping of Output Vulnerability (CVE-2021-40694) CVE-2021-40694 CWE-116 CWE-116 Medium Moodle Improper Following of Specification by Caller Vulnerability (CVE-2019-14829) CVE-2019-14829 CWE-573 CWE-573 Medium Moodle Improper Handling of Insufficient Permissions or Privileges Vulnerability (CVE-2025-67848) CVE-2025-67848 CWE-280 CWE-280 High Moodle Improper Input Validation Vulnerability (CVE-2006-4935) CVE-2006-4935 CWE-20 CWE-20 Critical Moodle Improper Input Validation Vulnerability (CVE-2006-4936) CVE-2006-4936 CWE-20 CWE-20 Critical Moodle Improper Input Validation Vulnerability (CVE-2009-1171) CVE-2009-1171 CWE-20 CWE-20 Medium Moodle Improper Input Validation Vulnerability (CVE-2011-4294) CVE-2011-4294 CWE-20 CWE-20 Medium Moodle Improper Input Validation Vulnerability (CVE-2011-4302) CVE-2011-4302 CWE-20 CWE-20 Medium Moodle Improper Input Validation Vulnerability (CVE-2011-4582) CVE-2011-4582 CWE-20 CWE-20 Medium Moodle Improper Input Validation Vulnerability (CVE-2012-0795) CVE-2012-0795 CWE-20 CWE-20 Medium Moodle Improper Input Validation Vulnerability (CVE-2012-0801) CVE-2012-0801 CWE-20 CWE-20 High Moodle Improper Input Validation Vulnerability (CVE-2012-1168) CVE-2012-1168 CWE-20 CWE-20 High Moodle Improper Input Validation Vulnerability (CVE-2012-6087) CVE-2012-6087 CWE-20 CWE-20 Medium Moodle Improper Input Validation Vulnerability (CVE-2012-6099) CVE-2012-6099 CWE-20 CWE-20 Medium Moodle Improper Input Validation Vulnerability (CVE-2012-6101) CVE-2012-6101 CWE-20 CWE-20 Medium Moodle Improper Input Validation Vulnerability (CVE-2013-2083) CVE-2013-2083 CWE-20 CWE-20 Medium Moodle Improper Input Validation Vulnerability (CVE-2014-9060) CVE-2014-9060 CWE-20 CWE-20 Medium Moodle Improper Input Validation Vulnerability (CVE-2017-2576) CVE-2017-2576 CWE-20 CWE-20 Medium Moodle Improper Input Validation Vulnerability (CVE-2018-1137) CVE-2018-1137 CWE-20 CWE-20 High Moodle Improper Input Validation Vulnerability (CVE-2019-3847) CVE-2019-3847 CWE-20 CWE-20 High Moodle Improper Input Validation Vulnerability (CVE-2019-10134) CVE-2019-10134 CWE-20 CWE-20 Low Moodle Improper Input Validation Vulnerability (CVE-2020-1756) CVE-2020-1756 CWE-20 CWE-20 High Moodle Improper Input Validation Vulnerability (CVE-2020-10738) CVE-2020-10738 CWE-20 CWE-20 High Moodle Improper Input Validation Vulnerability (CVE-2021-3943) CVE-2021-3943 CWE-20 CWE-20 Critical Moodle Improper Input Validation Vulnerability (CVE-2022-35649) CVE-2022-35649 CWE-20 CWE-20 Critical Moodle Improper Input Validation Vulnerability (CVE-2022-35650) CVE-2022-35650 CWE-20 CWE-20 High Moodle Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2013-4524) CVE-2013-4524 CWE-22 CWE-22 Medium Moodle Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-1493) CVE-2015-1493 CWE-22 CWE-22 Medium Moodle Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-43434) CVE-2024-43434 CWE-22 CWE-22 High Moodle Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-43440) CVE-2024-43440 CWE-22 CWE-22 High Moodle Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-5153) CVE-2008-5153 CWE-59 CWE-59 Medium Moodle Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2025-67851) CVE-2025-67851 CWE-1236 CWE-1236 High Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2004-1424) CVE-2004-1424 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0123) CVE-2008-0123 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1502) CVE-2008-1502 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-3326) CVE-2008-3326 CWE-707 CWE-707 Low Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-5432) CVE-2008-5432 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-0500) CVE-2009-0500 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-0502) CVE-2009-0502 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-1614) CVE-2010-1614 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-1618) CVE-2010-1618 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-1619) CVE-2010-1619 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-2228) CVE-2010-2228 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-2229) CVE-2010-2229 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-2230) CVE-2010-2230 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4278) CVE-2011-4278 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4280) CVE-2011-4280 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4282) CVE-2011-4282 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4286) CVE-2011-4286 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4290) CVE-2011-4290 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4299) CVE-2011-4299 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4306) CVE-2011-4306 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4307) CVE-2011-4307 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4591) CVE-2011-4591 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2360) CVE-2012-2360 CWE-707 CWE-707 Low Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2361) CVE-2012-2361 CWE-707 CWE-707 Low Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2362) CVE-2012-2362 CWE-707 CWE-707 Low Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2364) CVE-2012-2364 CWE-707 CWE-707 Low Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2365) CVE-2012-2365 CWE-707 CWE-707 Low Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3389) CVE-2012-3389 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3393) CVE-2012-3393 CWE-707 CWE-707 Low Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3396) CVE-2012-3396 CWE-707 CWE-707 Low Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-1833) CVE-2013-1833 CWE-707 CWE-707 Low Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-2244) CVE-2013-2244 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4341) CVE-2013-4341 CWE-707 CWE-707 Medium 1...92939495...327 93 / 327
