Lucene search
Veracode Vulnerability DatabaseVERACODE:47413HistoryJun 07, 2024 - 7:33 a.m.
Exposure Of Sensitive Information To An Unauthorized Actor
2024-06-0707:33:44
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
1
moodle
vulnerability
sensitive information
unauthorized actor
misconfiguration
shared hosting
user access
workshop modules
web server
local file include
software
Moodle is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor. The vulnerability is due to misconfiguration in a shared hosting environment, allowing a user with access to restore workshop modules and direct access to the web server outside of the Moodle webroot to execute a local file include.
| CPE | Name | Operator | Version |
|---|---|---|---|
| moodle/moodle | le | v4.3.3 | |
| moodle/moodle | le | v4.1.9 | |
| moodle/moodle | le | v4.2.6 | |
| moodle/moodle | le | v4.3.3 | |
| moodle/moodle | le | v4.1.9 | |
| moodle/moodle | le | v4.2.6 |
Related
nvd
nvd
CVE-2024-34003
2024-05-31 21:15:09
vulnrichment
vulnrichment
cve
cve
CVE-2024-34003
2024-05-31 21:15:09
cvelist
cvelist
osv
osv
ubuntucve
ubuntucve
CVE-2024-34003
2024-05-31 00:00:00
github
github
openvas
openvas
Moodle < 4.1.10, 4.2.x < 4.2.7, 4.3.x < 4.3.4 Multiple Vulnerabilities
2024-05-14 00:00:00