Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4
CVSSv2

CVE-2012-3387

Published: 23/07/2012 Updated: 01/12/2020
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
VMScore: 356
Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N
Subscribe to Moodle

Vulnerability Summary

Moodle 2.3.x prior to 2.3.1 uses only a client-side check for whether references are permitted in a file upload, which allows remote authenticated users to bypass intended alias (aka shortcut) restrictions via a client that omits this check.

Vulnerable Product Search on Vulmon Subscribe to Product

moodle moodle 2.3.0

References

CWE-264http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-33948http://openwall.com/lists/oss-security/2012/07/17/1https://exchange.xforce.ibmcloud.com/vulnerabilities/76954http://www.securityfocus.com/bid/54481http://secunia.com/advisories/49890https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-3400deserializationCVE-2024-21788CVE-2023-42433CVE-2024-21841CVE-2024-22095local file inclusionmemory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook