Lucene search
Veracode Vulnerability DatabaseVERACODE:36502HistoryJul 26, 2022 - 6:10 a.m.
Directory Traversal
2022-07-2606:10:02
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
21
moodle
vulnerability
directory traversal
validation
software
lesson question
arbitrary file read
authorized user
0.003 Low
EPSS
Percentile
69.3%
moodle/moodle is vulnerable to directory traversal. It does not validate the path used to import a lesson question, allowing an authorized user to cause an arbitrary file read via this feature.
References
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-72029
bugzilla.redhat.com/show_bug.cgi?id=2106274
github.com/moodle/moodle/commit/3cafb305ded3bf676a2d2b89fcf5a0c6ea7c6d6d
github.com/moodle/moodle/commit/d585f902fc2bc4f04ac2b097aa9bfde8a71f8fba
lists.fedoraproject.org/archives/list/[email protected]/message/6MOKYVRNFNAODP2XSMGJ5CRDUZCZKAR3/
lists.fedoraproject.org/archives/list/[email protected]/message/MTKUSFPSYFINSQFSOHDQIDVE6FWBEU6V/
moodle.org/mod/forum/discuss.php?d=436457
Related
cvelist
cvelist
CVE-2022-35650
2022-07-25 15:29:06
checkpoint_advisories
checkpoint_advisories
Moodle Directory Traversal (CVE-2022-35650)
2022-08-15 00:00:00
cve
cve
CVE-2022-35650
2022-07-25 16:15:08
github
github
Moodle Arbitrary file read when importing lesson questions
2022-07-26 00:00:29
osv
osv
BIT-moodle-2022-35650
2024-03-06 11:03:46
CVE-2022-35650
2022-07-25 16:15:08
Moodle Arbitrary file read when importing lesson questions
2022-07-26 00:00:29
ubuntucve
ubuntucve
CVE-2022-35650
2022-07-25 00:00:00
cnvd
cnvd
Moodle arbitrary file reading vulnerability
2022-07-21 00:00:00
nvd
nvd
CVE-2022-35650
2022-07-25 16:15:08
prion
prion
Design/Logic Flaw
2022-07-25 16:15:00
openvas
openvas
Fedora: Security Advisory for moodle (FEDORA-2022-81ce74b2dd)
2022-07-28 00:00:00
Fedora: Security Advisory for moodle (FEDORA-2022-7e7ce7df2e)
2022-07-28 00:00:00
Moodle <= 3.9.14, 3.10 <= 3.11.7, 4.0 <= 4.0.1 Multiple Vulnerabilities
2022-07-26 00:00:00
nessus
nessus
Moodle 4.0.x < 4.0.2 Multiple Vulnerabilities
2023-02-20 00:00:00
Moodle 3.11.x < 3.11.8 Multiple Vulnerabilities
2023-02-20 00:00:00
Moodle 3.9.x < 3.9.15 Multiple Vulnerabilities
2023-02-20 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: moodle-3.11.8-1.fc35
2022-07-27 02:35:50
[SECURITY] Fedora 36 Update: moodle-3.11.8-1.fc36
2022-07-27 02:24:14
redos
redos
ROS-20221013-02
2022-10-13 00:00:00