Directory Traversal
Moodle is susceptible to directory traversal attacks. The attacks exist because the mingetslashargument function in lib/configonlylib.php does not filter .. dot dot in the file parameter, allowing read access of arbitrary files through it...