Moodle Multiple Vulnerabilities Network Vulnerability

Summary

Moodle is prone to multiple vulnerabilities including cross-site request-forgery, security bypass, information-disclosure and SQL- injection issues. Attackers can exploit these issues to bypass certain security restrictions, gain access to sensitive information, perform unauthorized actions, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. These issues affect Moodle versions prior to 1.8.11 and 1.9.7.

Solution

Updates are available. Please see the references for more information.

References

http://moodle.org/security/
http://www.moodle.org
http://www.securityfocus.com/bid/37244

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-4297

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Adobe ColdFusion Unspecified Information Disclosure Vulnerability
Apache Rave User Information Disclosure Vulnerability
Apache ActiveMQ Persistent Cross-Site Scripting Vulnerability
Apache Tomcat NIO Connector Denial of Service Vulnerability
AMSI 'file' Parameter Directory Traversal Vulnerability

Take action and discover your vulnerabilities