Moodle Credentials Management Errors Vulnerability (CVE-2009-4304)

Description

Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 does not use a random password salt in config.php, which makes it easier for attackers to conduct brute-force password guessing attacks.

Remediation

References

CVE-2009-4304

Related Vulnerabilities

PHP Other Vulnerability (CVE-2006-1014)

Oracle Application Server CVE-2009-3407 Vulnerability (CVE-2009-3407)

WordPress Plugin Welcart e-Commerce PHP Object Injection (1.9.3)

Joomla! Core 1.5.x Open Redirect (1.5.0 - 1.5.6)

WordPress Plugin Mingle Forum 'edit_post_id' Parameter SQL Injection (1.0.31)

Severity

High

Classification

CVE-2009-4304

Description

Remediation

References

Related Vulnerabilities

Severity

Classification

Tags

Take action and discover your vulnerabilities