CVE-2012-4400

Опубликовано: 19 сент. 2012

Источник: debian

Описание

repository/repository_ajax.php in Moodle 2.2.x before 2.2.5 and 2.3.x before 2.3.2 allows remote authenticated users to bypass intended upload-size restrictions via a -1 value in the maxbytes field.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
moodle	fixed	2.2.3.dfsg-2.3		package
moodle	not-affected		squeeze	package

Связанные уязвимости

CVE-2012-4400

ubuntu

почти 13 лет назад

repository/repository_ajax.php in Moodle 2.2.x before 2.2.5 and 2.3.x before 2.3.2 allows remote authenticated users to bypass intended upload-size restrictions via a -1 value in the maxbytes field.

CVE-2012-4400

nvd

почти 13 лет назад

repository/repository_ajax.php in Moodle 2.2.x before 2.2.5 and 2.3.x before 2.3.2 allows remote authenticated users to bypass intended upload-size restrictions via a -1 value in the maxbytes field.

GHSA-3mfq-73xr-2v9w

github

больше 3 лет назад

repository/repository_ajax.php in Moodle 2.2.x before 2.2.5 and 2.3.x before 2.3.2 allows remote authenticated users to bypass intended upload-size restrictions via a -1 value in the maxbytes field.