WEB APPLICATION VULNERABILITIES Standard & Premium

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4589)

Description

backup/moodle2/restore_stepslib.php in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not check for the moodle/course:changeidnumber privilege during handling of course ID numbers, which allows remote authenticated users to overwrite ID numbers via a restore action.

Remediation

References

Related Vulnerabilities

WordPress Plugin Events Made Easy Cross-Site Scripting (1.6.20)

Oracle Database Server CVE-2008-2613 Vulnerability (CVE-2008-2613)

WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.4)

Oracle HTTP Server Other Vulnerability (CVE-2012-2751)

WordPress Plugin Swift Landing Page Cross-Site Request Forgery (1.1)

Severity

Medium

Classification

CVE-2011-4589 CWE-264

Tags

Missing Update Known Vulnerabilities