Multiple unspecified authentication plugins in Moodle 1.8 prior to 1.8.11 and 1.9 prior to 1.9.7 store the MD5 hashes for passwords in the user table, even when the cached hashes are not used by the plugin, which might make it easier for malicious users to obtain credentials via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
moodle moodle 1.8.1 |
||
moodle moodle 1.8.2 |
||
moodle moodle 1.9.5 |
||
moodle moodle 1.9.6 |
||
moodle moodle 1.8.4 |
||
moodle moodle 1.8.7 |
||
moodle moodle 1.9.1 |
||
moodle moodle 1.9.3 |
||
moodle moodle 1.8.8 |
||
moodle moodle 1.8.9 |
||
moodle moodle 1.8.10 |
||
moodle moodle 1.8.3 |
||
moodle moodle 1.8.5 |
||
moodle moodle 1.9.2 |
||
moodle moodle 1.9.4 |