Description

login/forgot_password.php in Moodle before 1.6.2 allows remote attackers to obtain sensitive information (e-mail addresses and Moodle account names) via a find action.

Remediation

References

CVE-2006-4940

Related Vulnerabilities

WordPress Plugin wptf-image-gallery Arbitrary File Download (1.0.3)

Internet Information Services Other Vulnerability (CVE-2000-0246)

phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-0814)

Sqlite NULL Pointer Dereference Vulnerability (CVE-2018-8740)

Oracle Database Server CVE-2008-0346 Vulnerability (CVE-2008-0346)

Severity

Medium

Classification

CVE-2006-4940

Tags

Missing Update Known Vulnerabilities