2 matches found
PT-2012-1917 · Moodle · Moodle
Name of the Vulnerable Software and Affected Versions: Moodle versions 1.9.x through 1.9.14 Description: The issue concerns the change-password form in the login/change password.php file. It does not utilize https for encryption, even when the httpslogin option is enabled. This oversight allows...
PT-2012-1920 · Moodle · Moodle
Name of the Vulnerable Software and Affected Versions: Moodle versions 1.9.x through 1.9.14 Description: The issue concerns the ip in range function in mnet/lib.php, which incorrectly handles data types. This allows remote attackers to bypass intended IP address restrictions by sending an XMLRPC...