Description
The file_browser component in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 does not properly restrict access to category and course data, which allows remote attackers to obtain potentially sensitive information via a request for a file.
Remediation
References
Related Vulnerabilities
WordPress Plugin Wordfence Security-Firewall & Malware Scan Multiple Vulnerabilities (5.2.3)
WordPress Plugin Simple Dropbox Upload Arbitrary File Upload (1.8.8)
RubyGems Improper Verification of Cryptographic Signature Vulnerability (CVE-2018-1000076)
Internet Information Services Configuration Vulnerability (CVE-1999-0725)
WordPress Plugin FoxyPress 'uploadify.php' Arbitrary File Upload (0.4.2.1)