2 matches found
CVE-2006-4940
login/forgotpassword.php in Moodle before 1.6.2 allows remote attackers to obtain sensitive information e-mail addresses and Moodle account names via a find action...
CVE-2006-4940
CVE-2006-4940 affects Moodle prior to 1.6.2. The issue is in login/forgot_password.php, where a find action can cause disclosure of sensitive user data, specifically e-mail addresses and Moodle account names. The NVD entry records a base CVSS score of 5.0 (Medium) with network access, low attack ...