The command-line cron implementation in Moodle 2.0.x prior to 2.0.6 and 2.1.x prior to 2.1.3 does not properly interact with IP blocking, which might allow remote malicious users to bypass intended IP address restrictions by leveraging a configuration in which IP blocking was disabled to restore cron functionality.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
moodle moodle 2.0.2 |
||
moodle moodle 2.0.1 |
||
moodle moodle 2.0.4 |
||
moodle moodle 2.0.3 |
||
moodle moodle 2.0.5 |
||
moodle moodle 2.0.0 |
||
moodle moodle 2.1.2 |
||
moodle moodle 2.1.1 |
||
moodle moodle 2.1.0 |