Lucene search
MitreCVELIST:CVE-2007-1647HistoryMar 24, 2007 - 12:00 a.m.
CVE-2007-1647
2007-03-2400:00:00
mitre
www.cve.org
1
Moodle 1.5.2 and earlier stores sensitive information under the web root with insufficient access control, and provides directory listings, which allows remote attackers to obtain user names, password hashes, and other sensitive information via a direct request for session (sess_*) files in moodledata/sessions/.
Related
cve
cve
CVE-2007-1647
2007-03-24 00:19:00
ubuntucve
ubuntucve
CVE-2007-1647
2007-03-24 00:00:00
nessus
nessus
Moodle 'moodledata/sessions' Session Files Remote Information Disclosure
2007-03-23 00:00:00
nvd
nvd
CVE-2007-1647
2007-03-24 00:19:00
prion
prion
Improper access control
2007-03-24 00:19:00
securityvulns
securityvulns