GCVE - cpe:2.3:a:moodle:moodle:2.7.7:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:moodle:moodle:2.7.7:*:*:*:*:*:*:*

part: a version: 2.7.7 update: *

Vendor	Moodle (`1f527b56-744d-5be6-b0f4-b691bd50b8c3`)
Product	Moodle (`221dc9da-2dde-53d2-a358-e0cb5ac858f7`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:docker/bitnami/moodle`	purl2cpe	2026-06-01 10:13:14.068645
`pkg:github/moodle/moodle`	purl2cpe	2026-06-01 10:13:14.068647
`pkg:rpm/fedora/moodle`	purl2cpe	2026-06-01 10:13:14.068648
`pkg:rpm/opensuse/moodle`	purl2cpe	2026-06-01 10:13:14.068649

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2017-7491`	vulnerable	2026-06-08 05:09:56.194667	Details available In Moodle 2.x and 3.x, a CSRF attack is possible that allows attackers to change the "number of courses displayed in the course overview block" configuration setting. Published: 2017-05-15T14:00:00.000Z Updated: 2024-08-05T16:04:11.706Z Open on db.gcve.eu Reference links https://moodle.org/mod/forum/discuss.php?d=352355	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-7490`	vulnerable	2026-06-08 05:09:56.192682	Details available In Moodle 2.x and 3.x, searching of arbitrary blogs is possible because a capability check is missing. Published: 2017-05-15T14:00:00.000Z Updated: 2024-08-05T16:04:11.541Z Open on db.gcve.eu Reference links https://moodle.org/mod/forum/discuss.php?d=352354	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-7489`	vulnerable	2026-06-08 05:09:56.169110	Details available In Moodle 2.x and 3.x, remote authenticated users can take ownership of arbitrary blogs by editing an external blog link. Published: 2017-05-15T14:00:00.000Z Updated: 2024-08-05T16:04:11.581Z Open on db.gcve.eu Reference links https://moodle.org/mod/forum/discuss.php?d=352353	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-2641`	vulnerable	2026-06-08 05:09:24.851157	Details available In Moodle 2.x and 3.x, SQL injection can occur via user preferences. Published: 2017-03-26T18:00:00.000Z Updated: 2024-08-05T14:02:07.130Z Open on db.gcve.eu Reference links https://www.exploit-db.com/exploits/41828/ http://www.securityfocus.com/bid/96977 https://moodle.org/mod/forum/discuss.php?d=349419 http://www.securitytracker.com/id/1038174	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-3734`	vulnerable	2026-06-08 05:07:45.947804	Details available Cross-site request forgery (CSRF) vulnerability in markposts.php in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13 and earlier allows remote attackers to hijack the authentication of users for requests that marks forum posts as read. Published: 2017-04-20T21:00:00.000Z Updated: 2024-08-06T00:03:34.471Z Open on db.gcve.eu Reference links http://www.openwall.com/lists/oss-security/2016/05/17/4 http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-53755 https://bugzilla.redhat.com/show_bug.cgi?id=1335933 http://www.securitytracker.com/id/1035902 http://www.securityfocus.com/bid/91281	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-3733`	vulnerable	2026-06-08 05:07:45.946549	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-3732`	vulnerable	2026-06-08 05:07:45.945199	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-3729`	vulnerable	2026-06-08 05:07:45.926175	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-2190`	vulnerable	2026-06-08 05:07:33.570167	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-2159`	vulnerable	2026-06-08 05:07:33.402977	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-2158`	vulnerable	2026-06-08 05:07:33.401862	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-2157`	vulnerable	2026-06-08 05:07:33.399935	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-2156`	vulnerable	2026-06-08 05:07:33.398937	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-2153`	vulnerable	2026-06-08 05:07:33.396408	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-2152`	vulnerable	2026-06-08 05:07:33.395224	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-2151`	vulnerable	2026-06-08 05:07:33.382740	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-0724`	vulnerable	2026-06-08 05:07:15.915118	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-5342`	vulnerable	2026-06-08 05:06:49.633580	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-5341`	vulnerable	2026-06-08 05:06:49.632785	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-5340`	vulnerable	2026-06-08 05:06:49.631778	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-5339`	vulnerable	2026-06-08 05:06:49.631001	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-5338`	vulnerable	2026-06-08 05:06:49.630218	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-5337`	vulnerable	2026-06-08 05:06:49.629306	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-5336`	vulnerable	2026-06-08 05:06:49.628515	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-5335`	vulnerable	2026-06-08 05:06:49.625297	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-5272`	vulnerable	2026-06-08 05:06:49.413746	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-5269`	vulnerable	2026-06-08 05:06:49.402637	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-5268`	vulnerable	2026-06-08 05:06:49.401873	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-5267`	vulnerable	2026-06-08 05:06:49.400891	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-5266`	vulnerable	2026-06-08 05:06:49.400110	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-5265`	vulnerable	2026-06-08 05:06:49.399214	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-5264`	vulnerable	2026-06-08 05:06:49.392412	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-3275`	vulnerable	2026-06-08 05:06:37.859400	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-3274`	vulnerable	2026-06-08 05:06:37.858690	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-3272`	vulnerable	2026-06-08 05:06:37.852384	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-3181`	vulnerable	2026-06-08 05:06:37.404463	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-3180`	vulnerable	2026-06-08 05:06:37.403439	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-3179`	vulnerable	2026-06-08 05:06:37.402329	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-3178`	vulnerable	2026-06-08 05:06:37.401294	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-3176`	vulnerable	2026-06-08 05:06:37.399685	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-3175`	vulnerable	2026-06-08 05:06:37.398640	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-3174`	vulnerable	2026-06-08 05:06:37.394621	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Moodle Moodle 2.7.7

PURL mappings

Vulnerability references

Contribute