Description
Unrestricted file upload vulnerability in the double extension support in the "image" module in Moodle 3.1.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, and then accessing it via unspecified vectors.
Remediation
References
Related Vulnerabilities
WordPress Plugin VaultPress Man-in-The-Middle (MiTM) Remote Code Execution (1.8.6)
WordPress Plugin Download Monitor Cross-Site Scripting (1.7.0)
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2018-1333)
WordPress Plugin UserPro-Community and User Profile Cross-Site Scripting (4.9.33)