GCVE - cpe:2.3:a:moodle:moodle:1.9.9:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:moodle:moodle:1.9.9:*:*:*:*:*:*:*

part: a version: 1.9.9 update: *

Vendor	Moodle (`1f527b56-744d-5be6-b0f4-b691bd50b8c3`)
Product	Moodle (`221dc9da-2dde-53d2-a358-e0cb5ac858f7`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:docker/bitnami/moodle`	purl2cpe	2026-06-01 10:13:14.068017
`pkg:github/moodle/moodle`	purl2cpe	2026-06-01 10:13:14.068018
`pkg:rpm/fedora/moodle`	purl2cpe	2026-06-01 10:13:14.068020
`pkg:rpm/opensuse/moodle`	purl2cpe	2026-06-01 10:13:14.068021

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2013-4525`	vulnerable	2026-06-08 05:04:47.897082	Details available Cross-site scripting (XSS) vulnerability in mod/quiz/report/responses/responses_table.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 allows remote authenticated users to inject arbitrary web script or HTML via an answer to a text-based quiz question. Published: 2013-11-26T02:00:00.000Z Updated: 2024-08-06T16:45:14.854Z Open on db.gcve.eu Reference links http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-41820 http://openwall.com/lists/oss-security/2013/11/25/1 https://moodle.org/mod/forum/discuss.php?d=244482	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-4524`	vulnerable	2026-06-08 05:04:47.893872	Details available Directory traversal vulnerability in repository/filesystem/lib.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a path. Published: 2013-11-26T02:00:00.000Z Updated: 2024-08-06T16:45:15.047Z Open on db.gcve.eu Reference links http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-41807 http://openwall.com/lists/oss-security/2013/11/25/1 https://moodle.org/mod/forum/discuss.php?d=244481	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-4523`	vulnerable	2026-06-08 05:04:47.890983	Details available Cross-site scripting (XSS) vulnerability in message/lib.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted message. Published: 2013-11-26T02:00:00.000Z Updated: 2024-08-06T16:45:15.234Z Open on db.gcve.eu Reference links http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-41941 https://moodle.org/mod/forum/discuss.php?d=244480 http://openwall.com/lists/oss-security/2013/11/25/1	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-4522`	vulnerable	2026-06-08 05:04:47.857949	Details available lib/filelib.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 does not send "Cache-Control: private" HTTP headers, which allows remote attackers to obtain sensitive information by requesting a file that had been previously retrieved by a caching proxy server. Published: 2013-11-26T02:00:00.000Z Updated: 2024-08-06T16:45:15.089Z Open on db.gcve.eu Reference links http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-38743 https://moodle.org/mod/forum/discuss.php?d=244479 http://openwall.com/lists/oss-security/2013/11/25/1	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-3630`	vulnerable	2026-06-08 05:04:32.400615	Details available Moodle through 2.5.2 allows remote authenticated administrators to execute arbitrary programs by configuring the aspell pathname and then triggering a spell-check operation within the TinyMCE editor. Published: 2013-11-01T01:00:00.000Z Updated: 2024-08-06T16:14:56.560Z Open on db.gcve.eu Reference links https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-foss-disclosures-part-one http://packetstormsecurity.com/files/164479/Moodle-Authenticated-Spelling-Binary-Remote-Code-Execution.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-1834`	vulnerable	2026-06-08 05:03:56.676197	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-1831`	vulnerable	2026-06-08 05:03:56.672450	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-1830`	vulnerable	2026-06-08 05:03:56.654645	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-6098`	vulnerable	2026-06-08 05:02:59.469491	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-3398`	vulnerable	2026-06-08 05:02:09.584938	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-2367`	vulnerable	2026-06-08 05:02:03.942842	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-2363`	vulnerable	2026-06-08 05:02:03.940145	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-2362`	vulnerable	2026-06-08 05:02:03.935289	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-0796`	vulnerable	2026-06-08 05:00:45.345331	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-0795`	vulnerable	2026-06-08 05:00:45.344479	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-0794`	vulnerable	2026-06-08 05:00:45.343617	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-0793`	vulnerable	2026-06-08 05:00:45.333651	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-0792`	vulnerable	2026-06-08 05:00:45.329773	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4593`	vulnerable	2026-06-08 04:59:32.022793	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4588`	vulnerable	2026-06-08 04:59:32.020130	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4587`	vulnerable	2026-06-08 04:59:32.019373	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4586`	vulnerable	2026-06-08 04:59:32.018466	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4585`	vulnerable	2026-06-08 04:59:32.017824	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4584`	vulnerable	2026-06-08 04:59:32.017041	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4308`	vulnerable	2026-06-08 04:59:30.097460	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4306`	vulnerable	2026-06-08 04:59:30.096489	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4305`	vulnerable	2026-06-08 04:59:30.095988	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4302`	vulnerable	2026-06-08 04:59:30.094432	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4301`	vulnerable	2026-06-08 04:59:30.093779	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4294`	vulnerable	2026-06-08 04:59:30.090849	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4290`	vulnerable	2026-06-08 04:59:30.089163	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4288`	vulnerable	2026-06-08 04:59:30.088309	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4286`	vulnerable	2026-06-08 04:59:30.087498	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4283`	vulnerable	2026-06-08 04:59:30.086367	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4278`	vulnerable	2026-06-08 04:59:30.081642	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4203`	vulnerable	2026-06-08 04:59:29.854252	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4133`	vulnerable	2026-06-08 04:59:29.654927	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Moodle 1.9.9

PURL mappings

Vulnerability references

Contribute