Description
Moodle 1.9.x before 1.9.11 and 2.0.x before 2.0.2 places an IMS enterprise enrolment file in the course-files area, which allows remote attackers to obtain sensitive information via a request for imsenterprise-enrol.xml.
Remediation
References
Related Vulnerabilities
GibbonEdu Session Fixation Vulnerability (CVE-2022-27305)
WordPress Plugin Form for WordPress-Zoho Forms Cross-Site Scripting (3.0)
Mailman CVE-2006-2941 Vulnerability (CVE-2006-2941)
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2009-2432)
WordPress Plugin WordPress Backup and Migrate-Backup Guard Unspecified Vulnerability (1.0.6)