GCVE - cpe:2.3:a:moodle:moodle:1.9.7:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:moodle:moodle:1.9.7:*:*:*:*:*:*:*

part: a version: 1.9.7 update: *

Vendor	Moodle (`1f527b56-744d-5be6-b0f4-b691bd50b8c3`)
Product	Moodle (`221dc9da-2dde-53d2-a358-e0cb5ac858f7`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:docker/bitnami/moodle`	purl2cpe	2026-06-01 10:13:14.068005
`pkg:github/moodle/moodle`	purl2cpe	2026-06-01 10:13:14.068006
`pkg:rpm/fedora/moodle`	purl2cpe	2026-06-01 10:13:14.068008
`pkg:rpm/opensuse/moodle`	purl2cpe	2026-06-01 10:13:14.068009

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2013-4525`	vulnerable	2026-06-08 05:04:47.897050	Details available Cross-site scripting (XSS) vulnerability in mod/quiz/report/responses/responses_table.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 allows remote authenticated users to inject arbitrary web script or HTML via an answer to a text-based quiz question. Published: 2013-11-26T02:00:00.000Z Updated: 2024-08-06T16:45:14.854Z Open on db.gcve.eu Reference links http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-41820 http://openwall.com/lists/oss-security/2013/11/25/1 https://moodle.org/mod/forum/discuss.php?d=244482	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-4524`	vulnerable	2026-06-08 05:04:47.893841	Details available Directory traversal vulnerability in repository/filesystem/lib.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a path. Published: 2013-11-26T02:00:00.000Z Updated: 2024-08-06T16:45:15.047Z Open on db.gcve.eu Reference links http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-41807 http://openwall.com/lists/oss-security/2013/11/25/1 https://moodle.org/mod/forum/discuss.php?d=244481	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-4523`	vulnerable	2026-06-08 05:04:47.890948	Details available Cross-site scripting (XSS) vulnerability in message/lib.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted message. Published: 2013-11-26T02:00:00.000Z Updated: 2024-08-06T16:45:15.234Z Open on db.gcve.eu Reference links http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-41941 https://moodle.org/mod/forum/discuss.php?d=244480 http://openwall.com/lists/oss-security/2013/11/25/1	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-4522`	vulnerable	2026-06-08 05:04:47.856938	Details available lib/filelib.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 does not send "Cache-Control: private" HTTP headers, which allows remote attackers to obtain sensitive information by requesting a file that had been previously retrieved by a caching proxy server. Published: 2013-11-26T02:00:00.000Z Updated: 2024-08-06T16:45:15.089Z Open on db.gcve.eu Reference links http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-38743 https://moodle.org/mod/forum/discuss.php?d=244479 http://openwall.com/lists/oss-security/2013/11/25/1	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-3630`	vulnerable	2026-06-08 05:04:32.399652	Details available Moodle through 2.5.2 allows remote authenticated administrators to execute arbitrary programs by configuring the aspell pathname and then triggering a spell-check operation within the TinyMCE editor. Published: 2013-11-01T01:00:00.000Z Updated: 2024-08-06T16:14:56.560Z Open on db.gcve.eu Reference links https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-foss-disclosures-part-one http://packetstormsecurity.com/files/164479/Moodle-Authenticated-Spelling-Binary-Remote-Code-Execution.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-1834`	vulnerable	2026-06-08 05:03:56.676164	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-1831`	vulnerable	2026-06-08 05:03:56.672417	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-1830`	vulnerable	2026-06-08 05:03:56.653658	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-6098`	vulnerable	2026-06-08 05:02:59.468352	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-3398`	vulnerable	2026-06-08 05:02:09.584905	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-2367`	vulnerable	2026-06-08 05:02:03.942810	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-2363`	vulnerable	2026-06-08 05:02:03.940111	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-2362`	vulnerable	2026-06-08 05:02:03.934021	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-0796`	vulnerable	2026-06-08 05:00:45.345299	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-0795`	vulnerable	2026-06-08 05:00:45.344445	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-0794`	vulnerable	2026-06-08 05:00:45.343584	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-0793`	vulnerable	2026-06-08 05:00:45.333618	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-0792`	vulnerable	2026-06-08 05:00:45.328393	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4593`	vulnerable	2026-06-08 04:59:32.022758	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4588`	vulnerable	2026-06-08 04:59:32.020093	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4587`	vulnerable	2026-06-08 04:59:32.019338	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4586`	vulnerable	2026-06-08 04:59:32.018432	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4585`	vulnerable	2026-06-08 04:59:32.017789	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4584`	vulnerable	2026-06-08 04:59:32.017002	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4308`	vulnerable	2026-06-08 04:59:30.097428	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4306`	vulnerable	2026-06-08 04:59:30.096459	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4305`	vulnerable	2026-06-08 04:59:30.095957	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4302`	vulnerable	2026-06-08 04:59:30.094401	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4301`	vulnerable	2026-06-08 04:59:30.093672	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4294`	vulnerable	2026-06-08 04:59:30.090816	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4290`	vulnerable	2026-06-08 04:59:30.089127	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4288`	vulnerable	2026-06-08 04:59:30.088277	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4286`	vulnerable	2026-06-08 04:59:30.087466	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4283`	vulnerable	2026-06-08 04:59:30.086335	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4278`	vulnerable	2026-06-08 04:59:30.081609	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4203`	vulnerable	2026-06-08 04:59:29.854219	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4133`	vulnerable	2026-06-08 04:59:29.653262	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2010-2231`	vulnerable	2026-06-08 04:54:12.324450	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2010-2230`	vulnerable	2026-06-08 04:54:12.322896	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2010-2229`	vulnerable	2026-06-08 04:54:12.321284	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2010-2228`	vulnerable	2026-06-08 04:54:12.316965	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2010-1619`	vulnerable	2026-06-08 04:54:09.342423	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2010-1618`	vulnerable	2026-06-08 04:54:09.341657	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2010-1617`	vulnerable	2026-06-08 04:54:09.332733	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2010-1616`	vulnerable	2026-06-08 04:54:09.331523	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2010-1615`	vulnerable	2026-06-08 04:54:09.330711	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2010-1614`	vulnerable	2026-06-08 04:54:09.329958	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2010-1613`	vulnerable	2026-06-08 04:54:09.329158	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Moodle 1.9.7

PURL mappings

Vulnerability references

Contribute