Description
backup/moodle2/restore_stepslib.php in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not check for the moodle/course:changeidnumber privilege during handling of course ID numbers, which allows remote authenticated users to overwrite ID numbers via a restore action.
Remediation
References
Related Vulnerabilities
WordPress Plugin Custom Fields Search by BestWebSoft Cross-Site Scripting (1.3.1)
WordPress Plugin Relevant-Related Posts by BestWebSoft Cross-Site Scripting (1.0.7)
Oracle JRE CVE-2013-0431 Vulnerability (CVE-2013-0431)
WordPress Plugin Simple Photo Gallery SQL Injection (1.7.9)
WordPress Plugin W4 Post List Multiple Vulnerabilities (2.4.5)