Description
A command execution vulnerability exists in the default legacy spellchecker plugin in Moodle 3.10. A specially crafted series of HTTP requests can lead to command execution. An attacker must have administrator privileges to exploit this vulnerabilities.
Remediation
References
Related Vulnerabilities
Joomla! Core 1.0.x Session Fixation (1.0.0 - 1.0.12)
WordPress Plugin SpamTask Arbitrary File Upload (1.3.6)
WordPress Plugin Stealth Login Page Unspecified Vulnerability (1.1.3)
WordPress Plugin Gallery Objects SQL Injection (0.4)
WordPress Plugin ThinkIT WP Contact Form Multiple Vulnerabilities (0.2)