Description

Multiple cross-site scripting (XSS) vulnerabilities in Moodle 1.6.1 and earlier might allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) doc/index.php or (2) files/index.php.

Remediation

References

CVE-2006-4784

Related Vulnerabilities

WordPress 5.3.x PHP Object Injection (5.3 - 5.3.7)

WordPress Plugin Portfolio Cross-Site Request Forgery (1.0)

ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-6403)

WordPress Plugin Contact Form 7 Multi-Step Forms Security Bypass (3.0.8)

Oracle Database Server CVE-2009-1972 Vulnerability (CVE-2009-1972)

Severity

Medium

Classification

CVE-2006-4784

Tags

Missing Update Known Vulnerabilities