2 matches found
CVE-2007-1647
CVE-2007-1647 affects Moodle 1.5.2 and earlier. The vulnerability arises because Moodle stores sensitive information under the web root with insufficient access control and directory listings are enabled, allowing a remote attacker to obtain user names, password hashes and other sensitive data by...
Moodle 'moodledata/sessions' Session Files Remote Information Disclosure
The version of Moodle on the remote host allows a remote attacker to browse session files, which likely contain sensitive information about users of the application, such as password hashes and email addresses. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...