Moodle 2.7.10

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:moodle:moodle:2.7.10:*:*:*:*:*:*:*

part: a version: 2.7.10 update: *

VendorMoodle (1f527b56-744d-5be6-b0f4-b691bd50b8c3)
ProductMoodle (221dc9da-2dde-53d2-a358-e0cb5ac858f7)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
pkg:docker/bitnami/moodle purl2cpe 2026-06-01 10:13:14.068559
pkg:github/moodle/moodle purl2cpe 2026-06-01 10:13:14.068560
pkg:rpm/fedora/moodle purl2cpe 2026-06-01 10:13:14.068561
pkg:rpm/opensuse/moodle purl2cpe 2026-06-01 10:13:14.068563

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2017-7491 vulnerable 2026-06-08 05:09:56.194714 Details available
In Moodle 2.x and 3.x, a CSRF attack is possible that allows attackers to change the "number of courses displayed in the course overview block" configuration setting.
Published: 2017-05-15T14:00:00.000Z
Updated: 2024-08-05T16:04:11.706Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-7490 vulnerable 2026-06-08 05:09:56.192734 Details available
In Moodle 2.x and 3.x, searching of arbitrary blogs is possible because a capability check is missing.
Published: 2017-05-15T14:00:00.000Z
Updated: 2024-08-05T16:04:11.541Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-7489 vulnerable 2026-06-08 05:09:56.171070 Details available
In Moodle 2.x and 3.x, remote authenticated users can take ownership of arbitrary blogs by editing an external blog link.
Published: 2017-05-15T14:00:00.000Z
Updated: 2024-08-05T16:04:11.581Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-2641 vulnerable 2026-06-08 05:09:24.853111 Details available
In Moodle 2.x and 3.x, SQL injection can occur via user preferences.
Published: 2017-03-26T18:00:00.000Z
Updated: 2024-08-05T14:02:07.130Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-3734 vulnerable 2026-06-08 05:07:45.947852 Details available
Cross-site request forgery (CSRF) vulnerability in markposts.php in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13 and earlier allows remote attackers to hijack the authentication of users for requests that marks forum posts as read.
Published: 2017-04-20T21:00:00.000Z
Updated: 2024-08-06T00:03:34.471Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-3733 vulnerable 2026-06-08 05:07:45.946597 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-3732 vulnerable 2026-06-08 05:07:45.945248 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-3729 vulnerable 2026-06-08 05:07:45.927769 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-2190 vulnerable 2026-06-08 05:07:33.570216 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-2159 vulnerable 2026-06-08 05:07:33.403023 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-2158 vulnerable 2026-06-08 05:07:33.401909 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-2157 vulnerable 2026-06-08 05:07:33.399982 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-2156 vulnerable 2026-06-08 05:07:33.398985 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-2153 vulnerable 2026-06-08 05:07:33.396456 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-2152 vulnerable 2026-06-08 05:07:33.395274 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-2151 vulnerable 2026-06-08 05:07:33.384352 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-0724 vulnerable 2026-06-08 05:07:15.916658 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-5342 vulnerable 2026-06-08 05:06:49.633628 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-5341 vulnerable 2026-06-08 05:06:49.632833 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-5340 vulnerable 2026-06-08 05:06:49.631931 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-5339 vulnerable 2026-06-08 05:06:49.631049 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-5338 vulnerable 2026-06-08 05:06:49.630268 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-5337 vulnerable 2026-06-08 05:06:49.629353 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-5336 vulnerable 2026-06-08 05:06:49.628566 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-5335 vulnerable 2026-06-08 05:06:49.627420 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.