Description
The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted attackers to read arbitrary files via an input command in a "$$" sequence, which causes LaTeX to include the contents of the file.
Remediation
References
Related Vulnerabilities
PrestaShop CVE-2018-13784 Vulnerability (CVE-2018-13784)
WordPress Plugin Church Admin Arbitrary File Upload (4.4.6)
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-2891)
SharePoint CVE-2020-0892 Vulnerability (CVE-2020-0892)
WordPress Plugin News Element Elementor Blog Magazine Local File Inclusion (1.0.5)