Description
The ip_in_range function in mnet/lib.php in MNET in Moodle 1.9.x before 1.9.15 uses an incorrect data type, which allows remote attackers to bypass intended IP address restrictions via an XMLRPC request.
Remediation
References
Related Vulnerabilities
Liferay Portal Insertion of Sensitive Information Into Sent Data Vulnerability (CVE-2025-43768)
WordPress Plugin MailArchiver Cross-Site Scripting (2.10.1)
WordPress Plugin Bind Users to Taxonomy Cross-Site Scripting (0.3)
Oracle Application Server Other Vulnerability (CVE-2007-2119)
WordPress Plugin Premmerce Variation Swatches for WooCommerce Security Bypass (1.0)