Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2009-4301)

Description

mnet/lib.php in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7, when MNET services are enabled, does not properly check permissions, which allows remote authenticated servers to execute arbitrary MNET functions.

Remediation

References

CVE-2009-4301

Related Vulnerabilities

WordPress Plugin Gravity Forms Directory Cross-Site Scripting (3.7.1)

WordPress Plugin Live Forms-Visual Form Builder SQL Injection (3.0.1)

WordPress Plugin Cool Video Gallery Cross-Site Request Forgery (1.8)

WordPress Plugin Catchers Helpdesk and Ticket system for Support Cross-Site Scripting (2.6.7)

Oracle Database Server CVE-2007-2118 Vulnerability (CVE-2007-2118)

Severity

Medium

Classification

CVE-2009-4301 CWE-264