| Max CVSS | 5.0 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2013-2080 | 4.0 |
The core_grade component in Moodle through 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not properly consider the existence of hidden grades, which allows remote authenticated users to obtain sensitive information by leveraging the student
|
01-12-2020 - 14:52 | 25-05-2013 - 03:18 | |
| CVE-2013-2082 | 5.0 |
Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not enforce capability requirements for reading blog comments, which allows remote attackers to obtain sensitive information via a crafted request.
|
01-12-2020 - 14:52 | 25-05-2013 - 03:18 | |
| CVE-2013-2083 | 5.0 |
The MoodleQuickForm class in lib/formslib.php in Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not properly handle a certain array-element syntax, which allows remote attackers to bypass intended form-dat
|
01-12-2020 - 14:52 | 25-05-2013 - 03:18 | |
| CVE-2013-2081 | 4.3 |
Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not consider "don't send" attributes during hub registration, which allows remote hubs to obtain sensitive site information by reading form data.
|
01-12-2020 - 14:52 | 25-05-2013 - 03:18 | |
| CVE-2013-2079 | 4.0 |
mod/assign/locallib.php in the assignment module in Moodle 2.3.x before 2.3.7 and 2.4.x before 2.4.4 does not consider capability requirements during the processing of ZIP assignment-archive download (aka downloadall) requests, which allows remote au
|
01-12-2020 - 14:52 | 25-05-2013 - 03:18 |