Description
backup/moodle2/restore_stepslib.php in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not check for the moodle/course:changeidnumber privilege during handling of course ID numbers, which allows remote authenticated users to overwrite ID numbers via a restore action.
Remediation
References
Related Vulnerabilities
WordPress Plugin Events Made Easy Cross-Site Scripting (1.6.20)
Oracle Database Server CVE-2008-2613 Vulnerability (CVE-2008-2613)
WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.4)
Oracle HTTP Server Other Vulnerability (CVE-2012-2751)
WordPress Plugin Swift Landing Page Cross-Site Request Forgery (1.1)