Description

Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 stores (1) password hashes and (2) unspecified "secrets" in backup files, which might allow attackers to obtain sensitive information.

Remediation

References

CVE-2009-4303

Related Vulnerabilities

WordPress Plugin Newsletter-Send awesome emails from WordPress Cross-Site Scripting (3.2.6)

Oracle Application Server CVE-2006-0274 Vulnerability (CVE-2006-0274)

MySQL CVE-2016-0644 Vulnerability (CVE-2016-0644)

Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-19995)

Microsoft SQL Server Other Vulnerability (CVE-2002-1137)

Severity

Medium

Classification

CVE-2009-4303 CWE-200

Tags

Missing Update Known Vulnerabilities