CVE-2009-4298
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
CVE
CVE-2009-4298
Status
Candidate
Description
The LAMS module (mod/lams) for Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 stores the (1) username, (2) firstname, and (3) lastname fields within the user table, which allows attackers to obtain user account information via unknown vectors.
Severity
Medium
CVSS score
5
CVSS vector
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Phase
Assigned (16.12.2009)
NVD:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4298
References
BID :
37244
CONFIRM :
http://docs.moodle.org/en/Moodle_1.8.11_release_notes
CONFIRM :
http://docs.moodle.org/en/Moodle_1.9.7_release_notes
CONFIRM :
http://moodle.org/mod/forum/discuss.php?d=139102
FEDORA :
FEDORA-2009-13040
FEDORA :
FEDORA-2009-13065
FEDORA :
FEDORA-2009-13080
SECUNIA :
37614
VUPEN :
ADV-2009-3455
SecurityVulns:
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
test server
