Lucene search
K

4 matches found

Cvelist
Cvelist
added 2026/02/21 5:40 a.m.26 views

CVE-2026-26045 Moodle: moodle: improper validation in file restore functionality leading to remote code execution

A flaw was identified in Moodle’s backup restore functionality where specially crafted backup files were not properly validated during processing. If a malicious backup file is restored, it could lead to unintended execution of server-side code. Since restore capabilities are typically available ...

7.2CVSS0.00553EPSS
Exploits0References2
OSV
OSV
added 2026/01/23 4:35 a.m.4 views

CVE-2025-67847 Moodle: moodle: remote code execution via insufficient restore input validation

A flaw was found in Moodle. An attacker with access to the restore interface could trigger server-side execution of arbitrary code. This is due to insufficient validation of restore input, which leads to unintended interpretation by core restore routines. Successful exploitation could result in a...

8.8CVSS7.3AI score0.00528EPSS
Exploits0References4
OSV
OSV
added 2024/05/31 9:15 p.m.2 views

UBUNTU-CVE-2024-34002

In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore feedback modules and direct access to the web server outside of the Moodle webroot could execute a local file include...

6.5CVSS5.8AI score0.00475EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:4 a.m.4 views

SUSE CVE-2016-3733

The "restore teacher" feature in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to overwrite the course idnumber...

4.3CVSS6.8AI score0.01171EPSS
Exploits0References3
Rows per page
Query Builder