WEB APPLICATION VULNERABILITIES Standard & Premium

Moodle Improper Input Validation Vulnerability (CVE-2009-1171)

Description

The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted attackers to read arbitrary files via an input command in a "$$" sequence, which causes LaTeX to include the contents of the file.

Remediation

References

Related Vulnerabilities

Oracle Application Server Other Vulnerability (CVE-2002-0566)

MySQL CVE-2015-0438 Vulnerability (CVE-2015-0438)

WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.17)

Contao Improper Input Validation Vulnerability (CVE-2020-25768)

WordPress Plugin WP Photo Album Plus Cross-Site Request Forgery (4.8.11)

Severity

Medium

Classification

CVE-2009-1171 CWE-20

Tags

Missing Update Known Vulnerabilities