Lucene search
GoogleOSV:CVE-2024-34005HistoryMay 31, 2024 - 9:15 p.m.
CVE-2024-34005
2024-05-3121:15:00
Google
osv.dev
shared hosting
misconfiguration
moodle
database activity
web server
local file include
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
7.1
Confidence
Low
In a shared hosting environment that has been misconfigured to allow access to other users’ content, a Moodle user with both access to restore database activity modules and direct access to the web server outside of the Moodle webroot could execute a local file include.
Related
ubuntucve
ubuntucve
CVE-2024-34005
2024-05-31 00:00:00
cvelist
cvelist
github
github
veracode
veracode
Local File Inclusion
2024-06-07 08:15:13
nvd
nvd
CVE-2024-34005
2024-05-31 21:15:09
vulnrichment
vulnrichment
osv
osv
cve
cve
CVE-2024-34005
2024-05-31 21:15:09
openvas
openvas
Moodle < 4.1.10, 4.2.x < 4.2.7, 4.3.x < 4.3.4 Multiple Vulnerabilities
2024-05-14 00:00:00
redos
redos
ROS-20240701-03
2024-07-01 00:00:00
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
7.1
Confidence
Low
Related for OSV:CVE-2024-34005