Lucene search
PRIOn knowledge basePRION:CVE-2023-30943HistoryMay 02, 2023 - 8:15 p.m.
Path traversal
2023-05-0220:15:00
PRIOn knowledge base
www.prio-n.com
10
moodle
path traversal
vulnerability
remote user
folder creation
http request
arbitrary folders
system
The vulnerability was found Moodle which exists because the application allows a user to control path of the older to create in TinyMCE loaders. A remote user can send a specially crafted HTTP request and create arbitrary folders on the system.
References
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-77718
bugzilla.redhat.com/show_bug.cgi?id=2188605
lists.fedoraproject.org/archives/list/[email protected]/message/54TM5H5PDUDYXOQ7X7PPYWP4AJDAE73I/
lists.fedoraproject.org/archives/list/[email protected]/message/MZBWRVUJF7HI53XCJPJ3YJZPOV5HBRUY/
lists.fedoraproject.org/archives/list/[email protected]/message/PBFSXRYLT4ICKJVQSRBAOUDMDRVSVBLS/
moodle.org/mod/forum/discuss.php?d=446285
Related
nvd
nvd
CVE-2023-30943
2023-05-02 20:15:10
ubuntucve
ubuntucve
CVE-2023-30943
2023-05-02 00:00:00
osv
osv
CVE-2023-30943
2023-05-02 20:15:10
Moodle External Control of File Name or Path vulnerability
2023-05-02 21:31:48
BIT-moodle-2023-30943
2024-03-06 10:59:39
githubexploit
githubexploit
Exploit for External Control of File Name or Path in Moodle
2024-03-21 08:08:52
Exploit for External Control of File Name or Path in Moodle
2023-08-31 08:18:17
Exploit for External Control of File Name or Path in Moodle
2023-09-07 13:25:55
nuclei
nuclei
Moodle - Cross-Site Scripting/Remote Code Execution
2023-08-31 04:34:29
veracode
veracode
Improper Access Control
2023-05-17 08:15:23
github
github
Moodle External Control of File Name or Path vulnerability
2023-05-02 21:31:48
cve
cve
CVE-2023-30943
2023-05-02 20:15:10
openvas
openvas
Moodle 4.1.x < 4.1.3 Arbitrary Folder Creation Vulnerability (MSA-23-0014)
2023-05-04 00:00:00
Fedora: Security Advisory for moodle (FEDORA-2023-60a90b6e6a)
2023-05-12 00:00:00
Fedora: Security Advisory for moodle (FEDORA-2023-49eb814ccc)
2023-05-12 00:00:00
cvelist
cvelist
nessus
nessus
Fedora 36 : moodle (2023-49eb814ccc)
2023-05-11 00:00:00
Fedora 38 : moodle (2023-0ab503de3d)
2023-05-11 00:00:00
Fedora 37 : moodle (2023-60a90b6e6a)
2023-05-11 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: moodle-3.11.14-1.fc36
2023-05-11 01:30:55
[SECURITY] Fedora 37 Update: moodle-4.1.3-1.fc37
2023-05-11 01:53:44
[SECURITY] Fedora 38 Update: moodle-4.1.3-1.fc38
2023-05-11 02:04:50