Description

A flaw was found in Moodle before 3.7, 3.6.4, 3.5.6, 3.4.9 and 3.1.18. The size of users' private file uploads via email were not correctly checked, so their quota allowance could be exceeded.

Remediation

References

CVE-2019-10134

Related Vulnerabilities

Internet Information Services Other Vulnerability (CVE-2002-1695)

WordPress Plugin Event List SQL Injection (0.7.8)

TCExam Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-4601)

Sqlite CVE-2019-19244 Vulnerability (CVE-2019-19244)

WordPress Plugin YaMaps for WordPress Cross-Site Scripting (0.6.25)

Severity

Low

Classification

CVE-2019-10134 CWE-20 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities