Description

Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 stores (1) password hashes and (2) unspecified "secrets" in backup files, which might allow attackers to obtain sensitive information.

Remediation

References

CVE-2009-4303

Related Vulnerabilities

MySQL CVE-2020-14623 Vulnerability (CVE-2020-14623)

MySQL CVE-2017-3450 Vulnerability (CVE-2017-3450)

Open Resty Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-11724)

Joomla Improper Authentication Vulnerability (CVE-2017-16634)

Apache Tomcat Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2013-4444)

Severity

Medium

Classification

CVE-2009-4303 CWE-200

Tags

Missing Update Known Vulnerabilities