Описание
Unrestricted file upload vulnerability in the double extension support in the "image" module in Moodle 3.1.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, and then accessing it via unspecified vectors.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | ignored | |
| cosmic | ignored | |
| devel | ignored | |
| esm-apps/bionic | ignored | |
| esm-apps/xenial | ignored | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was ignored] |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needs-triage |
| trusty | ignored |
Показывать по
10
6.5 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
CVSS3: 8.8
nvd
больше 9 лет назад
Unrestricted file upload vulnerability in the double extension support in the "image" module in Moodle 3.1.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, and then accessing it via unspecified vectors.
CVSS3: 8.8
debian
больше 9 лет назад
Unrestricted file upload vulnerability in the double extension support ...
6.5 Medium
CVSS2
8.8 High
CVSS3