Lucene search
Veracode Vulnerability DatabaseVERACODE:6392HistoryMay 28, 2018 - 1:46 a.m.
Unauthorised Arbitrary File Downloads
2018-05-2801:46:01
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
EPSS
0.001
Percentile
26.2%
Moodle is vulnerable to unauthorised arbitrary file downloads. It is possible because any authorized student with access to portfolio forum caller class can change the download URL to download any files.
Related
osv
osv
Moodle Portfolio forum caller class allows a user to download any file
2022-05-14 03:16:24
CVE-2018-1135
2018-05-25 12:29:00
github
github
Moodle Portfolio forum caller class allows a user to download any file
2022-05-14 03:16:24
ubuntucve
ubuntucve
CVE-2018-1135
2018-05-25 00:00:00
cve
cve
CVE-2018-1135
2018-05-25 12:29:00
cvelist
cvelist
CVE-2018-1135
2018-05-25 12:00:00
prion
prion
Code injection
2018-05-25 12:29:00
nvd
nvd
CVE-2018-1135
2018-05-25 12:29:00
openvas
openvas
Moodle 3.x Multiple Vulnerabilities (May 2018) - Linux
2018-05-29 00:00:00
Moodle 3.x Multiple Vulnerabilities (May 2018) - Windows
2018-05-29 00:00:00