Description

mnet/lib.php in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7, when MNET services are enabled, does not properly check permissions, which allows remote authenticated servers to execute arbitrary MNET functions.

Remediation

References

CVE-2009-4301

Related Vulnerabilities

WordPress Plugin Forminator-Contact Form, Payment Form & Custom Form Builder Unspecified Vulnerability (1.14.11)

MySQL CVE-2015-4761 Vulnerability (CVE-2015-4761)

WordPress Plugin All-in-One Event Calendar Multiple Vulnerabilities (2.3.12)

WordPress Plugin Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Multiple Vulnerabilities (2.0.18)

MediaWiki CVE-2022-34912 Vulnerability (CVE-2022-34912)

Severity

Medium

Classification

CVE-2009-4301 CWE-264

Tags

Missing Update Known Vulnerabilities