Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2013-3630

🗓️ 01 Nov 2013 01:00:00Reported by certccType 
cve
 cve🔗 web.nvd.nist.gov👁 130 Views🌐 WEB

Moodle 2.5.2 allows remote admins to execute arbitrary programs via TinyMCE spell-check

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
0day.today		Moodle Remote Command Execution Vulnerability
31 Oct 201300:00
zdt
0day.today		Moodle SpellChecker Path Authenticated Remote Command Execution Exploit
13 Oct 202100:00
zdt
0day.today		Moodle Authenticated Spelling Binary Remote Code Execution Exploit
13 Oct 202100:00
zdt
Circl		CVE-2013-3630
31 Oct 201300:00
circl
Check Point Advisories		Moodle Spellcheck Remote Command Execution (CVE-2013-3630)
18 Nov 201400:00
checkpoint_advisories
Cvelist		CVE-2013-3630
1 Nov 201301:00
cvelist
Exploit DB		Moodle - Remote Command Execution (Metasploit)
31 Oct 201300:00
exploitdb
Fedora		[SECURITY] Fedora 18 Update: moodle-2.3.10-1.fc18
23 Nov 201319:35
fedora
Fedora		[SECURITY] Fedora 19 Update: moodle-2.4.7-1.fc19
23 Nov 201319:49
fedora
Fedora		[SECURITY] Fedora 20 Update: moodle-2.5.3-1.fc20
24 Nov 201303:29
fedora
Rows per page
NVD
Node
moodlemoodleRange2.5.2
OR
moodlemoodleMatch1.1.1
OR
moodlemoodleMatch1.2.0
OR
moodlemoodleMatch1.2.1
OR
moodlemoodleMatch1.3.0
OR
moodlemoodleMatch1.3.1
OR
moodlemoodleMatch1.3.2
OR
moodlemoodleMatch1.3.3
OR
moodlemoodleMatch1.3.4
OR
moodlemoodleMatch1.4.1
OR
moodlemoodleMatch1.4.2
OR
moodlemoodleMatch1.4.3
OR
moodlemoodleMatch1.4.4
OR
moodlemoodleMatch1.4.5
OR
moodlemoodleMatch1.5
OR
moodlemoodleMatch1.5.0beta
OR
moodlemoodleMatch1.5.1
OR
moodlemoodleMatch1.5.2
OR
moodlemoodleMatch1.5.3
OR
moodlemoodleMatch1.6.0
OR
moodlemoodleMatch1.6.1
OR
moodlemoodleMatch1.6.2
OR
moodlemoodleMatch1.6.3
OR
moodlemoodleMatch1.6.4
OR
moodlemoodleMatch1.6.5
OR
moodlemoodleMatch1.6.6
OR
moodlemoodleMatch1.6.7
OR
moodlemoodleMatch1.6.8
OR
moodlemoodleMatch1.7.1
OR
moodlemoodleMatch1.7.2
OR
moodlemoodleMatch1.7.3
OR
moodlemoodleMatch1.7.4
OR
moodlemoodleMatch1.7.5
OR
moodlemoodleMatch1.7.6
OR
moodlemoodleMatch1.8.1
OR
moodlemoodleMatch1.8.2
OR
moodlemoodleMatch1.8.3
OR
moodlemoodleMatch1.8.4
OR
moodlemoodleMatch1.8.5
OR
moodlemoodleMatch1.8.6
OR
moodlemoodleMatch1.8.7
OR
moodlemoodleMatch1.8.8
OR
moodlemoodleMatch1.8.9
OR
moodlemoodleMatch1.8.10
OR
moodlemoodleMatch1.8.11
OR
moodlemoodleMatch1.8.12
OR
moodlemoodleMatch1.8.13
OR
moodlemoodleMatch1.8.14
OR
moodlemoodleMatch1.9.1
OR
moodlemoodleMatch1.9.2
OR
moodlemoodleMatch1.9.3
OR
moodlemoodleMatch1.9.4
OR
moodlemoodleMatch1.9.5
OR
moodlemoodleMatch1.9.6
OR
moodlemoodleMatch1.9.7
OR
moodlemoodleMatch1.9.8
OR
moodlemoodleMatch1.9.9
OR
moodlemoodleMatch1.9.10
OR
moodlemoodleMatch1.9.11
OR
moodlemoodleMatch1.9.12
OR
moodlemoodleMatch1.9.13
OR
moodlemoodleMatch1.9.14
OR
moodlemoodleMatch1.9.15
OR
moodlemoodleMatch1.9.16
OR
moodlemoodleMatch1.9.17
OR
moodlemoodleMatch1.9.18
OR
moodlemoodleMatch2.0.0
OR
moodlemoodleMatch2.0.1
OR
moodlemoodleMatch2.0.2
OR
moodlemoodleMatch2.0.3
OR
moodlemoodleMatch2.0.4
OR
moodlemoodleMatch2.0.5
OR
moodlemoodleMatch2.0.6
OR
moodlemoodleMatch2.0.7
OR
moodlemoodleMatch2.0.8
OR
moodlemoodleMatch2.0.9
OR
moodlemoodleMatch2.1.0
OR
moodlemoodleMatch2.1.1
OR
moodlemoodleMatch2.1.2
OR
moodlemoodleMatch2.1.3
OR
moodlemoodleMatch2.1.4
OR
moodlemoodleMatch2.1.5
OR
moodlemoodleMatch2.1.6
OR
moodlemoodleMatch2.1.7
OR
moodlemoodleMatch2.1.8
OR
moodlemoodleMatch2.1.9
OR
moodlemoodleMatch2.1.10
OR
moodlemoodleMatch2.2.0
OR
moodlemoodleMatch2.2.1
OR
moodlemoodleMatch2.2.2
OR
moodlemoodleMatch2.2.3
OR
moodlemoodleMatch2.2.4
OR
moodlemoodleMatch2.2.5
OR
moodlemoodleMatch2.2.6
OR
moodlemoodleMatch2.2.7
OR
moodlemoodleMatch2.2.8
OR
moodlemoodleMatch2.2.9
OR
moodlemoodleMatch2.2.10
OR
moodlemoodleMatch2.2.11
OR
moodlemoodleMatch2.3.0
OR
moodlemoodleMatch2.3.1
OR
moodlemoodleMatch2.3.2
OR
moodlemoodleMatch2.3.3
OR
moodlemoodleMatch2.3.4
OR
moodlemoodleMatch2.3.5
OR
moodlemoodleMatch2.3.6
OR
moodlemoodleMatch2.3.7
OR
moodlemoodleMatch2.3.8
OR
moodlemoodleMatch2.4.0
OR
moodlemoodleMatch2.4.1
OR
moodlemoodleMatch2.4.2
OR
moodlemoodleMatch2.4.3
OR
moodlemoodleMatch2.4.4
OR
moodlemoodleMatch2.4.5
OR
moodlemoodleMatch2.5.0
OR
moodlemoodleMatch2.5.1
ParameterPositionPathDescriptionCWE
s__aspellpathrequest bodyadmin/settings.phpCWE-94: Moodle RCE via configuring aspell path and triggering spellcheckCWE-94
s__pathtodurequest bodyadmin/settings.phpCWE-94: Moodle RCE via configuring aspell path and triggering spellcheckCWE-94
s__pathtodotrequest bodyadmin/settings.phpCWE-94: Moodle RCE via configuring aspell path and triggering spellcheckCWE-94
s__aspellpathrequest bodyadmin/settings.phpCWE-94: Moodle RCE via configuring aspell path and triggering spellcheckCWE-94
{"id":"c0","method":"checkWords","params":["en",[""]]}request bodylib/editor/tinymce/tiny_mce/3.4.9/plugins/spellchecker/rpc.phpTrigger remote command execution via spellchecker RPC payloadCWE-94

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
16 Jun 2026 23:55Current
9High risk
Vulners AI Score9
CVSS 24.6
EPSS0.42566
CWE-94
moodlecve-2013-3630remote executiontinymcespell-check
130