Description

Moodle 1.6.1 and earlier allows remote attackers to obtain sensitive information via (1) help.php and (2) other unspecified vectors involving scheduled backups.

Remediation

References

CVE-2006-4786

Related Vulnerabilities

Jenkins Incorrect Authorization Vulnerability (CVE-2017-2611)

WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker Multiple Vulnerabilities (7.3.6)

WordPress Plugin Countdown and CountUp, WooCommerce Sales Timer Cross-Site Request Forgery (1.5.7)

WordPress Plugin QIWI payment module for Woocommerce Cross-Site Scripting (0.0.9)

WordPress Plugin BigDoor Quick Gamification for WordPress Cross-Site Scripting (1.0.5)

Severity

Medium

Classification

CVE-2006-4786

Tags

Missing Update Known Vulnerabilities