BIT-MOODLE-2025-3641 Moodle: authenticated remote code execution risk in the moodle lms dropbox repository

A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS Dropbox repository. By default, this was only available to teachers and managers on sites with the Dropbox repository enabled...

EUVD-2025-12520

Malicious code in bioql PyPI...

Remote Code Execution (RCE)

moodle/moodle is vulnerable to Remote Code Execution RCE. The vulnerability is due to improper access control in the Moodle LMS Dropbox repository, allows teachers and managers, by default, to have access to the affected functionality, creating an opportunity for remote code execution...

Arbitrary Code Injection

Overview moodle/moodle is a learning platform. Affected versions of this package are vulnerable to Arbitrary Code Injection via the Moodle LMS Dropbox repository. An attacker can execute arbitrary code by exploiting insufficient input validation and code sanitization mechanisms. Note: This is onl...

Moodle has an authenticated remote code execution risk in the Moodle LMS Dropbox repository

A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS Dropbox repository. By default, this was only available to teachers and managers on sites with the Dropbox repository enabled...

GHSA-C8V6-VXHF-WCRR Moodle has an authenticated remote code execution risk in the Moodle LMS Dropbox repository

A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS Dropbox repository. By default, this was only available to teachers and managers on sites with the Dropbox repository enabled...

CVE-2025-3641

A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS Dropbox repository. By default, this was only available to teachers and managers on sites with the Dropbox repository enabled...

CVE-2025-3641

A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS Dropbox repository. By default, this was only available to teachers and managers on sites with the Dropbox repository enabled...

CVE-2025-3641 Moodle: authenticated remote code execution risk in the moodle lms dropbox repository

A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS Dropbox repository. By default, this was only available to teachers and managers on sites with the Dropbox repository enabled...

CVE-2025-3641

CVE-2025-3641 affects Moodle (Moodle LMS) with a remote code execution risk in the Dropbox repository. By default, this is limited to sites where the Dropbox repository is enabled and accessible only to teachers and managers. The provided metrics indicate a high severity (CVSS 3.1: 8.8, Impact: c...

CVE-2025-3641 Moodle: authenticated remote code execution risk in the moodle lms dropbox repository

A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS Dropbox repository. By default, this was only available to teachers and managers on sites with the Dropbox repository enabled...

CVE-2025-3641

A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS Dropbox repository. By default, this was only available to teachers and managers on sites with the Dropbox repository enabled...

Moodle 代码注入漏洞

Moodle is Moodle open source set of free e-learning software platform, also known as course management system, learning management system or virtual learning environment. Moodle suffers from a code injection vulnerability that stems from a security issue in the Moodle LMS Dropbox repository that...

CVE-2012-5471

The Dropbox Repository File Picker in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2.3.3 allows remote authenticated users to access the Dropbox of a different user by leveraging an unattended workstation after a logout...

CVE-2012-5471

The vulnerability CVE-2012-5471 affects Moodle’s Dropbox Repository File Picker in Moodle 2.1.x (before 2.1.9), 2.2.x (before 2.2.6), and 2.3.x (before 2.3.3). It allows remote authenticated users to access another user’s Dropbox by using an unattended workstation after logout. The issue is addre...