Moodle Multiple Security Vulnerabilities

Moodle is prone to multiple security vulnerabilities, including:

1. A security-bypass vulnerability
2. A security vulnerability
3. Multiple information-disclosure vulnerabilities
4. A remote code-execution vulnerability

Attackers can exploit these issues to bypass certain security restrictions, obtain sensitive information, execute arbitrary code in context of the user running the application. Other attacks may also be possible.

Moodle versions prior to 2.3.3, 2.2.6, and 2.1.9 are vulnerable.


Privacy Statement
Copyright 2010, SecurityFocus