mod/data/preset.php in Moodle 2.1.x prior to 2.1.6 and 2.2.x prior to 2.2.3 does not properly iterate through an array, which allows remote authenticated users to overwrite arbitrary database activity presets via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
moodle moodle 2.1.2 |
||
moodle moodle 2.1.1 |
||
moodle moodle 2.1.0 |
||
moodle moodle 2.1.4 |
||
moodle moodle 2.1.3 |
||
moodle moodle 2.1.5 |
||
moodle moodle 2.2.0 |
||
moodle moodle 2.2.2 |
||
moodle moodle 2.2.1 |