Moodle 1.9.14.2 Full Puth Disclosure Vulnerability

2012-12-05T00:00:00
ID 1337DAY-ID-19897
Type zdt
Reporter mrpack
Modified 2012-12-05T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            # Exploit Title: Full Path Disclosure --- Moodle 1.9.x -> 1.9.14.2 
# Date: 2012 / 11 / 30
# Author: r00tc0d3rs

# WebSite: www.r00tc0d3rs.org
# Facebook: www.facebook.com/r00tc0d3rs
# Twitter: @r00tc0d3rs

# Version:  Moodle 1.9.x -> 1.9.14.2
# Category:: WebApps
# Google dork: inurl:  /moodle/calendar/view.php
# Tested on: Ubuntu 12.10
# Demo site: 

http://www.juntadeandalucia.es/averroes/centros-tic/11700603/moodle/calendar/view.php

http://biology.csustan.edu/~thao/thao-moodle/calendar/view.php

http://ncfsclasses.ucf.edu/moodle/calendar/view.php

http://cfpvirtual.cervantes.es/moodle/calendar/view.php

http://moodle.britishschool.ro/moodle/calendar/view.php

#  0day.today [2018-03-19]  #