Moodle 2.0.9

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:moodle:moodle:2.0.9:*:*:*:*:*:*:*

part: a version: 2.0.9 update: *

VendorMoodle (1f527b56-744d-5be6-b0f4-b691bd50b8c3)
ProductMoodle (221dc9da-2dde-53d2-a358-e0cb5ac858f7)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
pkg:docker/bitnami/moodle purl2cpe 2026-06-01 10:13:14.068085
pkg:github/moodle/moodle purl2cpe 2026-06-01 10:13:14.068087
pkg:rpm/fedora/moodle purl2cpe 2026-06-01 10:13:14.068088
pkg:rpm/opensuse/moodle purl2cpe 2026-06-01 10:13:14.068089

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2014-3617 vulnerable 2026-06-08 05:05:41.812119 Details available
The forum_print_latest_discussions function in mod/forum/lib.php in Moodle through 2.4.11, 2.5.x before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2 allows remote authenticated users to bypass the individual answer-posting requirement without the mod/forum:viewqandawithoutposting capability, and discover an author's username, by leveraging the student role and visiting a Q&A forum.
Published: 2014-09-15T14:00:00.000Z
Updated: 2024-08-06T10:50:17.677Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-2571 vulnerable 2026-06-08 05:05:29.205915 Details available
Cross-site scripting (XSS) vulnerability in the quiz_question_tostring function in mod/quiz/editlib.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote authenticated users to inject arbitrary web script or HTML via a quiz question.
Published: 2014-03-22T01:00:00.000Z
Updated: 2024-08-06T10:21:34.688Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0218 vulnerable 2026-06-08 05:05:12.239619 Details available
Cross-site scripting (XSS) vulnerability in the URL downloader repository in repository/url/lib.php in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Published: 2014-05-27T00:00:00.000Z
Updated: 2024-08-06T09:05:39.281Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0216 vulnerable 2026-06-08 05:05:12.237660 Details available
The My Home implementation in the block_html_pluginfile function in blocks/html/lib.php in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 does not properly restrict file access, which allows remote attackers to obtain sensitive information by visiting an HTML block.
Published: 2014-05-27T00:00:00.000Z
Updated: 2024-08-06T09:05:39.294Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0215 vulnerable 2026-06-08 05:05:12.236095 Details available
The blind-marking implementation in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allows remote authenticated users to de-anonymize student identities by (1) using a screen reader or (2) reading the HTML source.
Published: 2014-05-27T00:00:00.000Z
Updated: 2024-08-06T09:05:39.276Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0214 vulnerable 2026-06-08 05:05:12.234267 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0213 vulnerable 2026-06-08 05:05:12.224394 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0129 vulnerable 2026-06-08 05:05:11.707566 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0127 vulnerable 2026-06-08 05:05:11.624843 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0126 vulnerable 2026-06-08 05:05:11.623147 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0125 vulnerable 2026-06-08 05:05:11.621590 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0124 vulnerable 2026-06-08 05:05:11.620047 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0123 vulnerable 2026-06-08 05:05:11.618529 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0122 vulnerable 2026-06-08 05:05:11.616925 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0010 vulnerable 2026-06-08 05:05:10.553071 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0009 vulnerable 2026-06-08 05:05:10.541313 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-7341 vulnerable 2026-06-08 05:05:09.975744 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-4525 vulnerable 2026-06-08 05:04:47.897403 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-4524 vulnerable 2026-06-08 05:04:47.894191 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-4523 vulnerable 2026-06-08 05:04:47.891307 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-4522 vulnerable 2026-06-08 05:04:47.867801 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-3630 vulnerable 2026-06-08 05:04:32.410851 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-1836 vulnerable 2026-06-08 05:03:56.695477 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-1835 vulnerable 2026-06-08 05:03:56.694429 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-1834 vulnerable 2026-06-08 05:03:56.693269 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-1833 vulnerable 2026-06-08 05:03:56.675024 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-1832 vulnerable 2026-06-08 05:03:56.673900 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-1831 vulnerable 2026-06-08 05:03:56.672757 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-1830 vulnerable 2026-06-08 05:03:56.664779 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2012-3398 vulnerable 2026-06-08 05:02:09.592354 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2012-3397 vulnerable 2026-06-08 05:02:09.584132 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2012-3396 vulnerable 2026-06-08 05:02:09.583361 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2012-3395 vulnerable 2026-06-08 05:02:09.582306 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.