CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Moodle: >> Moodle >> 1.9.10 Security Vulnerabilities

CVE-2010-4207

Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.4.0 through 2.8.1, as used in Bugzilla, Moodle, and other products, allows remote attackers to inject arbitrary web script or HTML via vectors related to charts/assets/charts.swf.

CVSS Score

4.3

EPSS Score

0.02

Published

2010-11-07

CVE-2010-4208

Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.5.0 through 2.8.1, as used in Bugzilla, Moodle, and other products, allows remote attackers to inject arbitrary web script or HTML via vectors related to uploader/assets/uploader.swf.

CVSS Score

4.3

EPSS Score

0.018

Published

2010-11-07

CVE-2007-6538

SQL injection vulnerability in ing/blocks/mrbs/code/web/view_entry.php in the MRBS plugin for Moodle allows remote attackers to execute arbitrary SQL commands via the id parameter.

CVSS Score

7.5

EPSS Score

0.012

Published

2007-12-27

Page 26

Vulnerabilities

Vulnerable Software

Moodle: >> Moodle >> 1.9.10 Security Vulnerabilities

Products

Pricing

Contact Us