Description
help.php in Moodle before 1.6.2 does not check the existence of certain help files before including them, which might allow remote authenticated users to obtain the path in an error message.
Remediation
References
Related Vulnerabilities
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2009-1891)
WordPress Plugin Poll, Survey, Form & Quiz Maker by OpinionStage Cross-Site Scripting (19.6.24)
PHP Other Vulnerability (CVE-2003-0249)
Artifactory Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10321)
WordPress Plugin Count per Day 'month' Parameter SQL Injection (2.17)