Description

Moodle before 1.6.2 does not properly validate the module instance id when creating a course module object, which has unspecified impact and remote attack vectors.

Remediation

References

CVE-2006-4936

Related Vulnerabilities

WordPress CVE-2016-5839 Vulnerability (CVE-2016-5839)

Squid Out-of-bounds Read Vulnerability (CVE-2023-49285)

Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-8447)

WordPress Plugin WordPress Button Plugin MaxButtons Cross-Site Scripting (1.26.0)

WordPress Plugin Redirection 'id' Parameter Cross-Site Scripting (2.2.8)

Severity

Critical

Classification

CVE-2006-4936 CWE-20

Tags

Missing Update Known Vulnerabilities