Description

Moodle 1.6.1 and earlier allows remote attackers to obtain sensitive information via (1) help.php and (2) other unspecified vectors involving scheduled backups.

Remediation

References

CVE-2006-4786

Related Vulnerabilities

WordPress Plugin Import XML and RSS Feeds Arbitrary File Upload (2.1.5)

Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33508)

WordPress Plugin bbPress Cross-Site Scripting (2.5.9)

Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21611)

Oracle Database Server CVE-2023-22077 Vulnerability (CVE-2023-22077)

Severity

Medium

Classification

CVE-2006-4786

Tags

Missing Update Known Vulnerabilities