Description
Unrestricted file upload vulnerability in the "legacy course files" and "file manager" modules in Moodle 3.1.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, and then accessing it via unspecified vectors.
Remediation
References
Related Vulnerabilities
Liferay DXP Deserialization of Untrusted Data Vulnerability (CVE-2020-15842)
WordPress Plugin MiwoFTP-File & Folder Manager Multiple Vulnerabilities (1.0.5)
Ruby Improper Authentication Vulnerability (CVE-2007-5162)
MySQL CVE-2015-2568 Vulnerability (CVE-2015-2568)
WordPress Plugin Duplicate Page Cross-Site Scripting (4.4.2)