Description
Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 does not use a random password salt in config.php, which makes it easier for attackers to conduct brute-force password guessing attacks.
Remediation
References
Related Vulnerabilities
PHP Other Vulnerability (CVE-2006-1014)
Oracle Application Server CVE-2009-3407 Vulnerability (CVE-2009-3407)
WordPress Plugin Welcart e-Commerce PHP Object Injection (1.9.3)
Joomla! Core 1.5.x Open Redirect (1.5.0 - 1.5.6)
WordPress Plugin Mingle Forum 'edit_post_id' Parameter SQL Injection (1.0.31)