5 matches found
Metasploit Wrap-Up
An Especially Spooky Season for Moodle This release has not one, two, or three, but FOUR authenticated Moodle exploit modules, or should I say moodules? H00die comes through again with not just modules, but also an artisanal, bespoke library to support further work. Two target the spell check...
Moodle Admin Shell Upload Exploit
This Metasploit module will generate a plugin which can receive a malicious payload request and upload it to a server running Moodle provided valid admin credentials are used. Then the payload is sent for execution, and the plugin uninstalled. You must have an admin account to exploit this...
CVE-2019-11631
creationtimestamp| type| source ---|---|--- 2021-10-11 22:36:30+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/moodleadminshellupload.rb 2021-10-13 01:51:36+00:00| published-proof-of-concept| https://t.me/pwnwikizhchannel/865 2025-02-06...
CVE-2019-11631
CVE-2019-11631 is withdrawn; the Initial Description states it was rejected and not a security issue. Connected sources reference a Moodle Admin Shell Upload Metasploit module that claims to exploit CVE-2019-11631 (admin credentials required) and list Moodle version testing ranges, but the CVE it...
CVE-2019-11631
...