Identifier Related Record Severity Date Published Description Versions Affected
CVE-2015-5267 Medium Feb 22, 2016 lib/moodlelib.php in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 relies on the PHP mt_rand function to imple more...
2.5.5, 2.6.2, 2.4.9, 2.5.4, 2.3.11, 2.4.8, 2.6.1, 2.6, 2.3.10, 2.5.3
CVE-2015-5266 Medium Feb 22, 2016 The enrol_meta_sync function in enrol/meta/locallib.php in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 allow more...
2.5.5, 2.6.2, 2.4.9, 2.5.4, 2.3.11, 2.4.8, 2.6.1, 2.6, 2.3.10, 2.5.3
CVE-2015-5265 Medium Feb 22, 2016 The wiki component in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 does not consider the mod/wiki:managefiles more...
2.5.5, 2.6.2, 2.4.9, 2.5.4, 2.3.11, 2.4.8, 2.6.1, 2.6, 2.3.10, 2.5.3
CVE-2015-5264 Medium Feb 22, 2016 The lesson module in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 allows remote authenticated users to bypass more...
2.5.5, 2.6.2, 2.4.9, 2.5.4, 2.3.11, 2.4.8, 2.6.1, 2.6, 2.3.10, 2.5.3
CVE-2015-3275 Medium Feb 22, 2016 Multiple cross-site scripting (XSS) vulnerabilities in the SCORM module in Moodle through 2.6.11, 2.7.x before 2.7.9, 2.8.x before 2.8.7, and 2.9.x bef more...
2.5.5, 2.6.2, 2.4.9, 2.5.4, 2.3.11, 2.4.8, 2.6.1, 2.6, 2.3.10, 2.5.3
CVE-2015-3181 Medium Jun 01, 2015 files/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 does not consider the moodle/user:manage more...
2.5.5, 2.4.9, 2.6.2, 2.6.1, 2.4.8, 2.5.4, 2.3.11, 2.5.3, 2.3.10, 2.4.7
CVE-2015-3180 Medium Jun 01, 2015 lib/navigationlib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote authenticated users to obt more...
2.5.5, 2.4.9, 2.6.2, 2.6.1, 2.4.8, 2.5.4, 2.3.11, 2.5.3, 2.3.10, 2.4.7
CVE-2015-3179 Low Jun 01, 2015 login/confirm.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote authenticated users to bypass more...
2.5.5, 2.4.9, 2.6.2, 2.6.1, 2.4.8, 2.5.4, 2.3.11, 2.5.3, 2.3.10, 2.4.7
CVE-2015-3178 Low Jun 01, 2015 Cross-site scripting (XSS) vulnerability in the external_format_text function in lib/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7. more...
2.5.5, 2.4.9, 2.6.2, 2.6.1, 2.4.8, 2.5.4, 2.3.11, 2.5.3, 2.3.10, 2.4.7
CVE-2015-3176 Medium Jun 01, 2015 The account-confirmation feature in login/confirm.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows r more...
2.5.5, 2.4.9, 2.6.2, 2.6.1, 2.4.8, 2.5.4, 2.3.11, 2.5.3, 2.3.10, 2.4.7