Description

The Database module in Moodle before 1.6.2 does not properly handle uploaded files, which has unspecified impact and remote attack vectors.

Remediation

References

CVE-2006-4935

Related Vulnerabilities

WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-9064)

WordPress Plugin Polo Video Gallery-Best wordpress video gallery Cross-Site Scripting (1.2)

WordPress Plugin WP Easy Columns Cross-Site Scripting (2.1.3)

Django Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-45116)

Oracle Application Server Other Vulnerability (CVE-2007-3861)

Severity

Critical

Classification

CVE-2006-4935 CWE-20

Tags

Missing Update Known Vulnerabilities