CVE-2016-9186

Unrestricted file upload vulnerability in the "legacy course files" and "file manager" modules in Moodle 3.1.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, and then accessing it via unspecified vectors.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*

Information

Published : 2016-11-04 03:59

Updated : 2016-11-29 10:36


NVD link : CVE-2016-9186

Mitre link : CVE-2016-9186


JSON object : View

CWE
CWE-434

Unrestricted Upload of File with Dangerous Type

Advertisement

dedicated server usa

Products Affected

moodle

  • moodle