Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Arbitrary File Read Arbitrary File Write Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Path Traversal Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Moodle Externally Controlled Reference to a Resource in Another Sphere Vulnerability (CVE-2023-30943) CVE-2023-30943 CWE-610 CWE-610 Medium Moodle Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2024-48896) CVE-2024-48896 CWE-209 CWE-209 Medium Moodle Improper Access Control Vulnerability (CVE-2015-2267) CVE-2015-2267 CWE-284 CWE-284 Medium Moodle Improper Access Control Vulnerability (CVE-2016-2159) CVE-2016-2159 CWE-284 CWE-284 Medium Moodle Improper Access Control Vulnerability (CVE-2016-3729) CVE-2016-3729 CWE-284 CWE-284 Medium Moodle Improper Access Control Vulnerability (CVE-2016-3733) CVE-2016-3733 CWE-284 CWE-284 Medium Moodle Improper Access Control Vulnerability (CVE-2016-8642) CVE-2016-8642 CWE-284 CWE-284 Medium Moodle Improper Access Control Vulnerability (CVE-2016-8643) CVE-2016-8643 CWE-284 CWE-284 Medium Moodle Improper Authentication Vulnerability (CVE-2010-1613) CVE-2010-1613 CWE-287 CWE-287 Medium Moodle Improper Authentication Vulnerability (CVE-2011-4590) CVE-2011-4590 CWE-287 CWE-287 Medium Moodle Improper Authentication Vulnerability (CVE-2013-2245) CVE-2013-2245 CWE-287 CWE-287 Medium Moodle Improper Authentication Vulnerability (CVE-2014-0214) CVE-2014-0214 CWE-287 CWE-287 Medium Moodle Improper Authentication Vulnerability (CVE-2014-3552) CVE-2014-3552 CWE-287 CWE-287 Medium Moodle Improper Authentication Vulnerability (CVE-2021-40693) CVE-2021-40693 CWE-287 CWE-287 Medium Moodle Improper Authentication Vulnerability (CVE-2022-0985) CVE-2022-0985 CWE-287 CWE-287 Medium Moodle Improper Authorization Vulnerability (CVE-2019-14828) CVE-2019-14828 CWE-285 CWE-285 Medium Moodle Improper Check for Dropped Privileges Vulnerability (CVE-2019-14879) CVE-2019-14879 CWE-273 CWE-273 Medium Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-4203) CVE-2011-4203 CWE-94 CWE-94 Medium Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2012-0796) CVE-2012-0796 CWE-94 CWE-94 Medium Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2013-3630) CVE-2013-3630 CWE-94 CWE-94 Medium Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-3545) CVE-2014-3545 CWE-94 CWE-94 Medium Moodle Improper Control of Generation of Code (Code Injection) (CVE-2019-14827) CVE-2019-14827 Medium Moodle Improper Encoding or Escaping of Output Vulnerability (CVE-2021-40694) CVE-2021-40694 CWE-116 CWE-116 Medium Moodle Improper Following of Specification by Caller Vulnerability (CVE-2019-14829) CVE-2019-14829 CWE-573 CWE-573 Medium Moodle Improper Input Validation Vulnerability (CVE-2009-1171) CVE-2009-1171 CWE-20 CWE-20 Medium Moodle Improper Input Validation Vulnerability (CVE-2011-4294) CVE-2011-4294 CWE-20 CWE-20 Medium Moodle Improper Input Validation Vulnerability (CVE-2011-4302) CVE-2011-4302 CWE-20 CWE-20 Medium Moodle Improper Input Validation Vulnerability (CVE-2011-4582) CVE-2011-4582 CWE-20 CWE-20 Medium Moodle Improper Input Validation Vulnerability (CVE-2012-0795) CVE-2012-0795 CWE-20 CWE-20 Medium Moodle Improper Input Validation Vulnerability (CVE-2012-6087) CVE-2012-6087 CWE-20 CWE-20 Medium Moodle Improper Input Validation Vulnerability (CVE-2012-6099) CVE-2012-6099 CWE-20 CWE-20 Medium Moodle Improper Input Validation Vulnerability (CVE-2012-6101) CVE-2012-6101 CWE-20 CWE-20 Medium Moodle Improper Input Validation Vulnerability (CVE-2013-2083) CVE-2013-2083 CWE-20 CWE-20 Medium Moodle Improper Input Validation Vulnerability (CVE-2014-9060) CVE-2014-9060 CWE-20 CWE-20 Medium Moodle Improper Input Validation Vulnerability (CVE-2017-2576) CVE-2017-2576 CWE-20 CWE-20 Medium Moodle Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2013-4524) CVE-2013-4524 CWE-22 CWE-22 Medium Moodle Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-1493) CVE-2015-1493 CWE-22 CWE-22 Medium Moodle Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-5153) CVE-2008-5153 CWE-59 CWE-59 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2004-1424) CVE-2004-1424 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0123) CVE-2008-0123 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1502) CVE-2008-1502 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-5432) CVE-2008-5432 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-0500) CVE-2009-0500 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-0502) CVE-2009-0502 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-1614) CVE-2010-1614 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-1618) CVE-2010-1618 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-1619) CVE-2010-1619 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-2228) CVE-2010-2228 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-2229) CVE-2010-2229 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-2230) CVE-2010-2230 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4278) CVE-2011-4278 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4280) CVE-2011-4280 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4282) CVE-2011-4282 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4286) CVE-2011-4286 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4290) CVE-2011-4290 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4299) CVE-2011-4299 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4306) CVE-2011-4306 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4307) CVE-2011-4307 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4591) CVE-2011-4591 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3389) CVE-2012-3389 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-2244) CVE-2013-2244 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4341) CVE-2013-4341 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4939) CVE-2013-4939 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4940) CVE-2013-4940 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4941) CVE-2013-4941 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4942) CVE-2013-4942 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-7341) CVE-2013-7341 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-0218) CVE-2014-0218 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3547) CVE-2014-3547 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3548) CVE-2014-3548 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3549) CVE-2014-3549 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3550) CVE-2014-3550 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-9059) CVE-2014-9059 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-3274) CVE-2015-3274 CWE-707 CWE-707 Medium Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-3275) CVE-2015-3275 CWE-707 CWE-707 Medium 1...42434445...107 43 / 107
