Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Prompt Leakage Llm Sensitive Information Disclosure Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-23922) CVE-2023-23922 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-28331) CVE-2023-28331 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-28332) CVE-2023-28332 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-35131) CVE-2023-35131 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-46858) CVE-2023-46858 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-29374) CVE-2024-29374 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-33997) CVE-2024-33997 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-33998) CVE-2024-33998 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-34000) CVE-2024-34000 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-37674) CVE-2024-37674 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-38274) CVE-2024-38274 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-43437) CVE-2024-43437 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-43439) CVE-2024-43439 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-3643) CVE-2025-3643 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-26528) CVE-2025-26528 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-26529) CVE-2025-26529 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-26530) CVE-2025-26530 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-67849) CVE-2025-67849 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-67850) CVE-2025-67850 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2025-67855) CVE-2025-67855 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2016-5013) CVE-2016-5013 CWE-138 CWE-138 Medium Moodle Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2026-26046) CVE-2026-26046 CWE-138 CWE-138 High Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2006-0146) CVE-2006-0146 CWE-138 CWE-138 High Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2006-4785) CVE-2006-4785 CWE-138 CWE-138 High Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-6124) CVE-2008-6124 CWE-138 CWE-138 High Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4305) CVE-2009-4305 CWE-138 CWE-138 Medium Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-1615) CVE-2010-1615 CWE-138 CWE-138 High Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-4292) CVE-2011-4292 CWE-138 CWE-138 Medium Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-2363) CVE-2012-2363 CWE-138 CWE-138 Medium Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-3395) CVE-2012-3395 CWE-138 CWE-138 Medium Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2013-4313) CVE-2013-4313 CWE-138 CWE-138 High Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-7919) CVE-2016-7919 CWE-138 CWE-138 High Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-2641) CVE-2017-2641 CWE-138 CWE-138 Critical Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-25700) CVE-2020-25700 CWE-138 CWE-138 Medium Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-32474) CVE-2021-32474 CWE-138 CWE-138 High Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-36392) CVE-2021-36392 CWE-138 CWE-138 Critical Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-36393) CVE-2021-36393 CWE-138 CWE-138 Critical Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-0332) CVE-2022-0332 CWE-138 CWE-138 Critical Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-0983) CVE-2022-0983 CWE-138 CWE-138 High Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-30599) CVE-2022-30599 CWE-138 CWE-138 Critical Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-40315) CVE-2022-40315 CWE-138 CWE-138 Critical Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-28329) CVE-2023-28329 CWE-138 CWE-138 High Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-30944) CVE-2023-30944 CWE-138 CWE-138 High Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-35132) CVE-2023-35132 CWE-138 CWE-138 Medium Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-43436) CVE-2024-43436 CWE-138 CWE-138 High Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-26533) CVE-2025-26533 CWE-138 CWE-138 Critical Moodle Improper Privilege Management Vulnerability (CVE-2017-7489) CVE-2017-7489 CWE-269 CWE-269 Medium Moodle Improper Privilege Management Vulnerability (CVE-2017-7532) CVE-2017-7532 CWE-269 CWE-269 Medium Moodle Improper Privilege Management Vulnerability (CVE-2018-1134) CVE-2018-1134 CWE-269 CWE-269 Medium Moodle Improper Privilege Management Vulnerability (CVE-2019-3849) CVE-2019-3849 CWE-269 CWE-269 High Moodle Improper Privilege Management Vulnerability (CVE-2020-25699) CVE-2020-25699 CWE-269 CWE-269 High Moodle Improper Privilege Management Vulnerability (CVE-2023-5549) CVE-2023-5549 CWE-269 CWE-269 Medium Moodle Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2025-62399) CVE-2025-62399 CWE-307 CWE-307 High Moodle Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2025-67853) CVE-2025-67853 CWE-307 CWE-307 High Moodle Improper Validation of Integrity Check Value Vulnerability (CVE-2012-1170) CVE-2012-1170 CWE-354 CWE-354 High Moodle Improper Validation of Integrity Check Value Vulnerability (CVE-2021-20184) CVE-2021-20184 CWE-354 CWE-354 Medium Moodle Improper Validation of Specified Type of Input Vulnerability (CVE-2024-43426) CVE-2024-43426 CWE-1287 CWE-1287 High Moodle Inappropriate Encoding for Output Context Vulnerability (CVE-2024-34006) CVE-2024-34006 CWE-838 CWE-838 Medium Moodle Incomplete Cleanup Vulnerability (CVE-2024-38275) CVE-2024-38275 CWE-459 CWE-459 High Moodle Incorrect Authorization Vulnerability (CVE-2020-14321) CVE-2020-14321 CWE-863 CWE-863 High Moodle Incorrect Authorization Vulnerability (CVE-2020-25701) CVE-2020-25701 CWE-863 CWE-863 Medium Moodle Incorrect Authorization Vulnerability (CVE-2021-20282) CVE-2021-20282 CWE-863 CWE-863 Medium Moodle Incorrect Authorization Vulnerability (CVE-2021-20283) CVE-2021-20283 CWE-863 CWE-863 Medium Moodle Incorrect Authorization Vulnerability (CVE-2021-40692) CVE-2021-40692 CWE-863 CWE-863 Medium Moodle Incorrect Authorization Vulnerability (CVE-2022-0333) CVE-2022-0333 CWE-863 CWE-863 Low Moodle Incorrect Authorization Vulnerability (CVE-2022-0984) CVE-2022-0984 CWE-863 CWE-863 Medium Moodle Incorrect Authorization Vulnerability (CVE-2024-43433) CVE-2024-43433 CWE-863 CWE-863 Medium Moodle Incorrect Authorization Vulnerability (CVE-2024-48897) CVE-2024-48897 CWE-863 CWE-863 Medium Moodle Incorrect Authorization Vulnerability (CVE-2024-48901) CVE-2024-48901 CWE-863 CWE-863 Medium Moodle Incorrect Authorization Vulnerability (CVE-2025-3644) CVE-2025-3644 CWE-863 CWE-863 Medium Moodle Incorrect Authorization Vulnerability (CVE-2025-3645) CVE-2025-3645 CWE-863 CWE-863 Medium Moodle Incorrect Authorization Vulnerability (CVE-2025-3647) CVE-2025-3647 CWE-863 CWE-863 Medium Moodle Incorrect Authorization Vulnerability (CVE-2025-26526) CVE-2025-26526 CWE-863 CWE-863 Medium Moodle Incorrect Authorization Vulnerability (CVE-2025-26531) CVE-2025-26531 CWE-863 CWE-863 Medium Moodle Incorrect Authorization Vulnerability (CVE-2025-26532) CVE-2025-26532 CWE-863 CWE-863 Medium 1...94959697...327 95 / 327
