Description
Unrestricted file upload vulnerability in the double extension support in the "image" module in Moodle 3.1.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, and then accessing it via unspecified vectors.
Remediation
References
Related Vulnerabilities
Apache Traffic Server Other Vulnerability (CVE-2019-9513)
MySQL CVE-2018-2766 Vulnerability (CVE-2018-2766)
WordPress Plugin Church Admin Cross-Site Scripting (0.800)
Drupal CVE-2014-9016 Vulnerability (CVE-2014-9016)
Django Improper Validation of Specified Quantity in Input Vulnerability (CVE-2023-41164)