The ip_in_range function in mnet/lib.php in MNET in Moodle 1.9.x prior to 1.9.15 uses an incorrect data type, which allows remote malicious users to bypass intended IP address restrictions via an XMLRPC request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
moodle moodle 1.9.4 |
||
moodle moodle 1.9.1 |
||
moodle moodle 1.9.6 |
||
moodle moodle 1.9.9 |
||
moodle moodle 1.9.11 |
||
moodle moodle 1.9.2 |
||
moodle moodle 1.9.12 |
||
moodle moodle 1.9.10 |
||
moodle moodle 1.9.3 |
||
moodle moodle 1.9.13 |
||
moodle moodle 1.9.5 |
||
moodle moodle 1.9.14 |
||
moodle moodle 1.9.8 |
||
moodle moodle 1.9.7 |