Moodle — система управления образовательными электронными курсами

Moodle Reflected XSS in mod_data advanced search

Moodle allows attackers to modify "Exclude grade" settings

Moodle XSS from profile fields from external db

Moodle allows attackers to obtain sensitive category-detail information

Moodle Authenticated Spelling Binary Remote Code Execution

Moodle Logged in users could view all calendar events

Moodle XSS Vulnerability

Moodle XSS Vulnerability

Multiple cross-site scripting (XSS) vulnerabilities in Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2 allow remote attackers to inject arbitrary web script or HTML via a crafted blog link within an RSS feed.

SQL injection vulnerability in the SCORM module in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 allows remote authenticated users to execute arbitrary SQL commands via vectors related to an "escaping issue when processing AICC CRS file (Course_Title)."