Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-1832)

Description

repository/webdav/lib.php in Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 includes the WebDAV password in the configuration form, which allows remote authenticated administrators to obtain sensitive information by configuring an instance.

Remediation

References

Related Vulnerabilities

Nginx Uncontrolled Resource Consumption Vulnerability (CVE-2018-16843)

Microsoft SQL Server Other Vulnerability (CVE-2000-1084)

WordPress Plugin Contact Form DB Cross-Site Scripting (2.8.19)

PHP Use After Free Vulnerability (CVE-2026-7261)

Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-2582)

Severity

Medium

Classification

CVE-2013-1832 CWE-200

Tags

Missing Update Known Vulnerabilities