Description
Unrestricted file upload vulnerability in the double extension support in the "image" module in Moodle 3.1.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, and then accessing it via unspecified vectors.
Remediation
References
Related Vulnerabilities
TYPO3 CVE-2013-7080 Vulnerability (CVE-2013-7080)
Next.js CVE-2022-21721 Vulnerability (CVE-2022-21721)
WordPress Plugin Bookmarkify Multiple Vulnerabilities (2.9.2)
WordPress Plugin Paid Business Listings Blind SQL Injection (1.0.2)
WordPress Plugin LittleBot ACH for Stripe + Plaid Unspecified Vulnerability (1.2.6)