Description
Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 does not use a random password salt in config.php, which makes it easier for attackers to conduct brute-force password guessing attacks.
Remediation
References
Related Vulnerabilities
WordPress Plugin eShop Code Injection (6.3.11)
WordPress Plugin iThemes Security (formerly Better WP Security) Multiple Vulnerabilities (3.6.3)
Joomla CVE-2019-14654 Vulnerability (CVE-2019-14654)
Apache Tomcat CVE-2022-29885 Vulnerability (CVE-2022-29885)
WordPress Plugin Pay With Tweet SQL Injection and Cross-Site Scripting Vulnerabilities (1.1)