Description
Moodle 2.0.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by webservice/xmlrpc/locallib.php and certain other files.
Remediation
References
Related Vulnerabilities
WordPress Plugin Sliced Invoices-WordPress Invoice Multiple Vulnerabilities (3.8.2)
XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-29213)
WordPress Plugin WordPress Popular Posts Cross-Site Scripting (5.3.5)
WordPress Plugin Simple Sitemap-Create a Responsive HTML Sitemap Cross-Site Scripting (3.5.7)