Approved changes feed: RSS · Atom

cpe:2.3:a:moodle:moodle:2.6.2:*:*:*:*:*:*:*

part: a version: 2.6.2 update: *

VendorMoodle (1f527b56-744d-5be6-b0f4-b691bd50b8c3)
ProductMoodle (221dc9da-2dde-53d2-a358-e0cb5ac858f7)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
pkg:docker/bitnami/moodle purl2cpe 2026-06-01 10:13:14.068471
pkg:github/moodle/moodle purl2cpe 2026-06-01 10:13:14.068473
pkg:rpm/fedora/moodle purl2cpe 2026-06-01 10:13:14.068474
pkg:rpm/opensuse/moodle purl2cpe 2026-06-01 10:13:14.068476

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2015-3274 vulnerable 2026-06-08 05:06:37.858409 Details available
Cross-site scripting (XSS) vulnerability in the user_get_user_details function in user/lib.php in Moodle through 2.6.11, 2.7.x before 2.7.9, 2.8.x before 2.8.7, and 2.9.x before 2.9.1 allows remote attackers to inject arbitrary web script or HTML by leveraging absence of an external_format_text call in a web service.
Published: 2016-02-22T02:00:00.000Z
Updated: 2024-08-06T05:39:32.145Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-3272 vulnerable 2026-06-08 05:06:37.852096 Details available
Open redirect vulnerability in the clean_param function in lib/moodlelib.php in Moodle through 2.6.11, 2.7.x before 2.7.9, 2.8.x before 2.8.7, and 2.9.x before 2.9.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving an HTTP Referer header that has a substring match with a local URL.
Published: 2016-02-22T02:00:00.000Z
Updated: 2024-08-06T05:39:32.140Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-3181 vulnerable 2026-06-08 05:06:37.404208 Details available
files/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 does not consider the moodle/user:manageownfiles capability before approving a private-file upload, which allows remote authenticated users to bypass intended file-management restrictions by using web services to perform uploads after this capability has been revoked.
Published: 2015-06-01T19:00:00.000Z
Updated: 2024-08-06T05:39:31.660Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-3180 vulnerable 2026-06-08 05:06:37.403187 Details available
lib/navigationlib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote authenticated users to obtain sensitive course-structure information by leveraging access to a student account with a suspended enrolment.
Published: 2015-06-01T19:00:00.000Z
Updated: 2024-08-06T05:39:32.046Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-3179 vulnerable 2026-06-08 05:06:37.402065 Details available
login/confirm.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote authenticated users to bypass intended login restrictions by leveraging access to an unconfirmed suspended account.
Published: 2015-06-01T19:00:00.000Z
Updated: 2024-08-06T05:39:31.951Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-3178 vulnerable 2026-06-08 05:06:37.401036 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-3176 vulnerable 2026-06-08 05:06:37.399433 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-3175 vulnerable 2026-06-08 05:06:37.398378 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-3174 vulnerable 2026-06-08 05:06:37.386531 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-2273 vulnerable 2026-06-08 05:06:27.799701 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-2272 vulnerable 2026-06-08 05:06:27.798850 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-2271 vulnerable 2026-06-08 05:06:27.797948 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-2270 vulnerable 2026-06-08 05:06:27.796983 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-2269 vulnerable 2026-06-08 05:06:27.795967 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-2268 vulnerable 2026-06-08 05:06:27.794979 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-2267 vulnerable 2026-06-08 05:06:27.794066 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-2266 vulnerable 2026-06-08 05:06:27.788526 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-1493 vulnerable 2026-06-08 05:06:25.753290 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-0218 vulnerable 2026-06-08 05:06:13.950163 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-0217 vulnerable 2026-06-08 05:06:13.949406 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-0215 vulnerable 2026-06-08 05:06:13.939567 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-0214 vulnerable 2026-06-08 05:06:13.938565 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-0213 vulnerable 2026-06-08 05:06:13.937840 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-0212 vulnerable 2026-06-08 05:06:13.937074 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2015-0211 vulnerable 2026-06-08 05:06:13.931867 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-9060 vulnerable 2026-06-08 05:06:10.841976 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-9059 vulnerable 2026-06-08 05:06:10.837986 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-7848 vulnerable 2026-06-08 05:06:00.229620 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-7847 vulnerable 2026-06-08 05:06:00.228900 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-7846 vulnerable 2026-06-08 05:06:00.228093 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-7845 vulnerable 2026-06-08 05:06:00.227337 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-7838 vulnerable 2026-06-08 05:06:00.073866 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-7837 vulnerable 2026-06-08 05:06:00.073169 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-7836 vulnerable 2026-06-08 05:06:00.072472 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-7835 vulnerable 2026-06-08 05:06:00.071767 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-7834 vulnerable 2026-06-08 05:06:00.070855 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-7833 vulnerable 2026-06-08 05:06:00.070144 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-7832 vulnerable 2026-06-08 05:06:00.069449 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-7831 vulnerable 2026-06-08 05:06:00.068697 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-7830 vulnerable 2026-06-08 05:06:00.064819 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-3617 vulnerable 2026-06-08 05:05:41.849789 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-3553 vulnerable 2026-06-08 05:05:33.384643 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-3551 vulnerable 2026-06-08 05:05:33.382418 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-3548 vulnerable 2026-06-08 05:05:33.380932 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-3547 vulnerable 2026-06-08 05:05:33.379850 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-3546 vulnerable 2026-06-08 05:05:33.378794 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-3545 vulnerable 2026-06-08 05:05:33.378062 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-3544 vulnerable 2026-06-08 05:05:33.376902 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-3543 vulnerable 2026-06-08 05:05:33.375639 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-3542 vulnerable 2026-06-08 05:05:33.374284 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-3541 vulnerable 2026-06-08 05:05:33.373078 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0218 vulnerable 2026-06-08 05:05:12.240548 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0217 vulnerable 2026-06-08 05:05:12.238888 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0216 vulnerable 2026-06-08 05:05:12.238561 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0215 vulnerable 2026-06-08 05:05:12.236943 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0214 vulnerable 2026-06-08 05:05:12.235272 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-0213 vulnerable 2026-06-08 05:05:12.233416 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.