CVE-2022-45152

EPSS 0.18% · P40 Updated Apr 29, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-45152

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

A blind Server-Side Request Forgery (SSRF) vulnerability was found in Moodle. This flaw exists due to insufficient validation of user-supplied input in LTI provider library. The library does not utilise Moodle's inbuilt cURL helper, which resulted in a blind SSRF risk. An attacker can send a specially crafted HTTP request and trick the application to initiate requests to arbitrary systems. This vulnerability allows a remote attacker to perform SSRF attacks.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

服务端请求伪造(SSRF)

Source: NVD (National Vulnerability Database)

Vulnerability Title

Moodle 代码问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Moodle是一套免费、开源的电子学习软件平台，也称课程管理系统、学习管理系统或虚拟学习环境。 Moodle存在安全漏洞，该漏洞源于对用户提供的输入验证不足。攻击者利用该漏洞可以发送特制的HTTP请求，并诱骗应用程序向任意系统发起请求。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	Moodle	Fixed in moodle 4.0.5, moodle 3.11.11, moodle 3.9.18	-

II. Public POCs for CVE-2022-45152

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2022-45152

请登录查看更多情报信息。

Same Patch Batch · n/a · 2022-11-25 · 40 CVEs total

CVE-2022-45210		JeecgBoot Jeecg-Boot SQL注入漏洞
CVE-2022-45036		WBCE CMS 跨站脚本漏洞
CVE-2022-45037		WBCE CMS 跨站脚本漏洞
CVE-2022-45038		WBCE CMS 跨站脚本漏洞
CVE-2022-45039		WBCE CMS 代码问题漏洞
CVE-2022-45040		WBCE CMS 跨站脚本漏洞
CVE-2022-45205		JeecgBoot Jeecg-Boot SQL注入漏洞
CVE-2022-45206		JeecgBoot Jeecg-Boot SQL注入漏洞
CVE-2022-45207		JeecgBoot Jeecg-Boot SQL注入漏洞
CVE-2022-45208		JeecgBoot Jeecg-Boot SQL注入漏洞
CVE-2022-44860		Automotive Shop Management System SQL注入漏洞
CVE-2022-45218		Human Resource Management System 跨站脚本漏洞
CVE-2022-45225		Book Store Management System 跨站脚本漏洞
CVE-2022-45475		Tiny File Manager 安全漏洞
CVE-2022-45476		Tiny File Manager 代码问题漏洞
CVE-2022-45884		Linux kernel 资源管理错误漏洞
CVE-2022-45885		Linux kernel 资源管理错误漏洞
CVE-2022-45886		Linux kernel 资源管理错误漏洞
CVE-2022-45887		Linux kernel 安全漏洞
CVE-2022-45888		Linux kernel 资源管理错误漏洞

Showing top 20 of 40 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Moodle

Same vendor: n/a

Same weakness: CWE-918

V. Comments for CVE-2022-45152

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2022-45152

I. Basic Information for CVE-2022-45152

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2022-45152

III. Intelligence Information for CVE-2022-45152

Same Patch Batch · n/a · 2022-11-25 · 40 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2022-45152

Leave a comment