Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 181 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-30884 mdjnelson/moodle-mod_customcert Vulnerable to Authorization Bypass Through User-Controlled Key mdjnelsonmoodle-mod_customcert Critical 9.6 2026-03-18 02:26:30 Deep Dive
CVE-2021-47857 Moodle 3.10.3 - 'label' Persistent Cross Site Scripting MoodleMoodle High 7.2 2026-01-21 17:27:39 Deep Dive
CVE-2025-34032 Moodle LMS Jmol Plugin Cross-site Scripting (XSS) MoodleJmol Plugin--2025-06-24 00:59:27 Deep Dive
CVE-2025-34031 Moodle LMS Jmol Plugin Path Traversal MoodleJmol Plugin--2025-06-24 00:58:57 Deep Dive
CVE-2025-53021 Moodle 授权问题漏洞 MoodleMoodle Medium 4.2 2025-06-24 00:00:00 Deep Dive
CVE-2025-26533 SQL injection risk in course search module list filter Moodle Projectmoodle High 8.1 2025-02-24 20:07:45 Deep Dive
CVE-2025-26532 Teachers can evade trusttext config when restoring glossary entries Moodle Projectmoodle Low 3.1 2025-02-24 20:05:21 Deep Dive
CVE-2025-26531 IDOR in badges allows disabling of arbitrary badges Moodle Projectmoodle Low 3.1 2025-02-24 20:02:58 Deep Dive
CVE-2025-26530 Reflected XSS via question bank filter Moodle Projectmoodle High 8.3 2025-02-24 19:56:15 Deep Dive
CVE-2025-26529 Stored XSS risk in admin live log Moodle Projectmoodle High 8.3 2025-02-24 19:52:49 Deep Dive
CVE-2025-26528 Stored XSS in ddimageortext question type Moodle Projectmoodle Low 3.4 2025-02-24 19:50:12 Deep Dive
CVE-2025-26527 Non-searchable tags can still be discovered on the tag search page and in the tags block Moodle Projectmoodle Medium 5.3 2025-02-24 19:44:06 Deep Dive
CVE-2025-26526 Feedback response viewing and deletions did not respect Separate Groups mode Moodle Projectmoodle Medium 6.5 2025-02-24 19:39:24 Deep Dive
CVE-2025-26525 Arbitrary file read risk through pdfTeX Moodle Projectmoodle High 8.6 2025-02-24 19:31:44 Deep Dive
CVE-2024-38277 moodle: QR login key and auto-login key for the Moodle mobile app should be generated as separate keys MoodleMoodle--2024-06-18 19:49:52 Deep Dive
CVE-2024-38276 moodle: CSRF risks due to misuse of confirm_sesskey MoodleMoodle--2024-06-18 19:49:40 Deep Dive
CVE-2024-38275 moodle: HTTP authorization header is preserved between "emulated redirects" MoodleMoodle--2024-06-18 19:49:27 Deep Dive
CVE-2024-38274 moodle: stored XSS via calendar's event title when deleting the event MoodleMoodle--2024-06-18 19:49:16 Deep Dive
CVE-2024-38273 moodle: BigBlueButton web service leaks meeting joining information to users who should not have access MoodleMoodle--2024-06-18 19:49:03 Deep Dive
CVE-2024-33996 moodle: broken access control when setting calendar event type MoodleMoodle 中危 -2024-05-31 19:29:07 Deep Dive